Client Platform Engineer, AI & Automation

About the role

#Team Nextdoor Nextdoor (NYSE: NXDR) is the essential neighborhood network. Neighbors, public agencies, and businesses use Nextdoor to connect around local information that matters in more than 350,000 neighborhoods across 11 countries. Nextdoor builds innovative technology to foster local community, share important news, and create neighborhood connections at scale. Download the app and join the neighborhood at nextdoor.com . Meet Your Future Neighbors As a Client Platform Engineer, you will connect IT and Engineering for AI tools and automation at Nextdoor. As more teams start using AI agents, assistants, and connectors, you will manage the IT platforms that keep these tools safe and scalable. This includes handling identity and access for non-human and user-delegated agent identities in Okta, overseeing governance and reviews for new agents and MCP connectors, tracking usage and adoption, and managing costs and licenses to keep our AI use sustainable. You will work with teams in Business Technology, Engineering, Security, and Finance to create processes that help teams launch AI tools quickly while following IT guidelines. Your work will help make AI a valuable resource across the company. At Nextdoor, we operate in an AI-first environment and expect every team member to actively use AI tools as part of their workflow. We aren't looking for prompt engineers; we're looking for people who use tools like Claude, Gemini, ChatGPT, and Glean to challenge their own thinking and take full ownership of AI-assisted outputs. We also offer a warm and inclusive work environment that embraces a hybrid employment model, blending an in office presence and work from home experience for our valued employees. The hiring team will go over these expectations with you if you are being considered for a role near one of our offices in San Francisco, Los Angeles, Chicago, Dallas, New York, and London. The Impact You'll Make If you have experience making IT platforms reliable, secure, and easy to use, and you want to apply those skills to AI tools across the business, this role could be a great fit. You will set the standards for how every AI agent at Nextdoor authenticates, what it can access, what it costs, and how teams are alerted if issues arise. You will be responsible for the standards, review processes, and monitoring that turn one-off AI projects into a dependable platform for the company. Your responsibilities will include: Design and operate the identity, access, and credential lifecycle for AI agents at Nextdoor, including non-human and user-delegated identities in Okta, OAuth 2.0, and OIDC scope minimization, and canonical authentication patterns (user OAuth, service accounts, workload identity federation) that teams default to alongside Nextdoor's existing Network and AV Standards Build and run review processes for AI agents and connectors, covering pre-production review of agent tool surfaces, data scopes, and blast radius; intake review for new MCP servers and third-party connectors (vendor diligence, OAuth scope approval, hosted vs. self-hosted decisions); and the underlying policy framework for registration, data classification, and human-in-the-loop requirements Maintain a centralized registry of AI agents and tooling deployed across Nextdoor, and own the associated telemetry, including Datadog dashboards, vendor analytics ingestion (e.g., the Anthropic Enterprise Analytics API), and recurring department-level adoption reporting for IT and executive leadership Own seat governance and cost controls across Nextdoor's AI tool portfolio (Claude Enterprise, Cursor, Copilot, and emerging tools), including per-user and per-org spend caps, multi-tenant license allocation across vendor organizations, quarterly access reconciliation against Okta, and monthly budget reviews for IT and Finance Participate in in-person Nextdoor events such as trainings, off-sites, volunteer days, and team building exercises Build in-person relationships with team members and contribute to Nextdoor's company culture What You'll Bring To The Team 5+ years in IT engineering, client platform engineering, or IAM-focused security engineering, with clear ownership of production identity and access systems. And/or the ability to perform at an advanced level in the domain Deep hands-on Okta administration experience, including SSO/SAML/OIDC, SCIM, group rules, sign-on policies, and access certification, with a strong understanding of audit and SOX implications Working knowledge of OAuth 2.0, OIDC, and service account or workload identity patterns across Google Cloud and AWS, including the ability to spot anti-patterns (e.g., domain-wide delegation, over-scoped service account keys) before they reach production Comfortable writing scripts to automate IT operations in Python, Bash, or similar, and experience operating CI/CD or scheduled-job patterns (GitHub Actions, cron) for IT automation. Hands-on experience with AI development t