Skip to main content

← Back to all roles

Software Engineer, Governance

Team

Engineering

Location

San Francisco, United States

Apply on Gem
ABOUT RETOOL
Nearly every company in the world runs on custom software for critical operations like tracking performance metrics, handling customer support workflows, building admin dashboards, and countless other processes you might not have even thought of. But most companies don't have adequate resources to properly invest in these tools, leading to a lot of old and clunky internal software or, even worse, users still stuck in manual and spreadsheet flows.
At Retool, we’re building the first enterprise AppGen platform: software that transforms natural language into production-ready code, integrates directly with business data, and meets the highest standards of security and governance. AI is redefining what it means to build software—and who gets to build it. The definition of “developer” now includes analysts, operators, and domain experts creating solutions directly. As the pool of builders widens, so does the complexity of what they need to build. The opportunity is enormous, but so is the challenge of enabling this larger community to build production-grade software safely. That means AI that understands real business data, enforces enterprise policies automatically, and empowers teams to create once and reuse everywhere with shared, trusted components.
Over 100 million hours of work has been automated by developers and domain experts using our platform, freeing them to focus on creative problem-solving and strategic initiatives that drive real business value. The people closest to knowing what needs to be built can now safely create custom solutions within enterprise guardrails. And that's a mission worth striving for.
Let's build the future together!

WHY WE'RE LOOKING FOR YOU
AI is making it possible for anyone to build software in minutes. But building fast and building safely are two very different things. As development democratizes and more people across an organization create apps, agents, and workflows, the risk surface expands dramatically. The question enterprises are asking isn't "can we build it?" but rather "can we trust what's been built?"
On the Governance team, we're solving this problem by building the foundational layer that sits between builders and data. This is the policies, access controls, audit trails, and security infrastructure that make Retool the platform enterprises trust to scale across their entire organization.
Your work will span the stack, from full-stack web development to data pipelines and product infrastructure. You'll focus on the problems that matter most to customers with thousands of employees on Retool: What slows them down? What keeps their security teams up at night? How do we make the right thing easy and the wrong thing hard? This team is responsible for making Retool easily configurable for and deeply trusted by our largest customers.
The Governance team owns the systems that make Retool secure, organized, and trustworthy at scale, from the data layer all the way up to how teams discover and manage their work.
PROJECTS YOU MIGHT WORK ON
  • Data Access Control Layer: Design and build the system that enforces table-level, column-level, and row-level access controls across Retool's database connectors. You might work on: policy modeling, query rewriting to inject security constraints at the data engine, and building the admin UX that makes complex rules intuitive to configure. The goal: when a builder creates an app, the data security is already handled, automatically and invisibly.
  • Hub & Admin Setup: Redesign how administrators onboard and manage Retool. Build the landing page experience, global search, and the guided setup flow that gets enterprises from sign-up to first production app faster. Surface security insights, flag under-authenticated resources, and create the admin dashboard that makes platform health visible at a glance. Build the features that change Retool from something that admins manage to a system that is self managing and self healing, with proper admin oversight and controls.
  • Projects: Build the new organizational primitive for Retool. Projects group apps, agents, and workflows into a shared space with their own membership and role-based permissions. You'd design the data model, build the permissions layer, and create the UI that gives teams a clear home base, replacing a flat, unstructured console with something that scales to hundreds of teams.
  • Automated Security Center & Admin Control Panel: Build the intelligent layer that proactively keeps Retool secure and well-governed. Surface under-authenticated resources, flag potentially dangerous access patterns, monitor usage analytics and spend, and integrate with compliance and DLP tools so security and admin teams get actionable insights instead of raw data, and Retool gets smarter about protecting customers the more they use it.
  • Spaces & Instance Management: Build the controls that let enterprises govern multiple Retool Spaces and instances from a single pane of glass. Enforce organization-wide policies, like requiring all Spaces to use a specific SSO provider or AI configuration, and proactively identify misconfigurations or deviations from compliance requirements.
THE SKILLSET YOU'LL BRING
  • 2–8 years of professional software engineering experience, ideally some of which you've spent at startups
  • Experience owning technically challenging, cross-functional projects from start to finish
  • Strong fundamentals across the entire stack, with a strong grasp of backend systems design, data modeling, and building reliable, scalable software
  • You communicate clearly in design docs, code reviews, and cross-functional discussions
  • You care about code quality, testing, and leaving the codebase better than you found it
  • You're motivated by solving real customer problems, not just writing clever code
NICE TO HAVE
  • Familiarity with Terraform or infrastructure-as-code practices
  • Exposure to dbt, Databricks, or data pipeline tooling
  • Experience building authorization, access control, or security systems
  • Experience with policy engines, query rewriting, or data governance platforms
  • Familiarity with RBAC, ABAC, or relationship-based access control models (Zanzibar, OPA, Cedar)
  • Familiarity with authentication and authorization protocols (OAuth, SAML, SCIM, or similar)
  • Experience designing taming complexity in admin-facing UIs or platform management tools
WHO YOU'LL WORK WITH
You'll join a team that sits at the intersection of security, platform infrastructure, and product experience. You'll work alongside engineers, product managers, and designers who care deeply about making enterprise governance feel effortless rather than burdensome. You'll also partner closely with teams across Retool because governance touches everything.
We're a hard-working, passionate bunch who are motivated by collaboration, strong results, and bringing the impact of Retool to our customers. When we're in the office, we enjoy eating lunch together, and we've been known for our lively game nights. But at the root of it all, we come together to show our customers and not-quite-yet customers how Retool can make them and their companies more efficient and successful.
We're building systems that the largest companies in the world will rely on to keep their data safe and their teams productive. If you want your work to be foundational, the kind of engineering that unlocks everything else, this is the team.

For candidates based in the United States, the pay range(s) for this role is listed below and represents base salary range for non-commissionable roles or on-target earnings (OTE) for commissionable roles. This salary range may be inclusive of several career levels at Retool and will be narrowed during the interview process based on a number of factors such as (but not limited to), scope and responsibilities, the candidate’s experience and qualifications, and location.
Additional compensation in the form(s) of equity and/or commission are dependent on the position offered. Retool provides a comprehensive benefit plan, including medical, dental, vision, and 401(k). Pay and benefits are subject to change at any time, consistent with the terms of any applicable compensation or benefit plans.
The base pay range for this role is $163,800 – $306,000 per year.

Retool offers generous benefits to all employees and hybrid work location. For more information, please visit the benefits and perks section of our careers page!
Retool is currently set up to employ all roles in the US and specific roles in the UK. To find roles that can be employed in the UK, please refer to our careers page and review the indicated locations.