# Security Engineer, Corporate Security

**Company:** [Notion](https://hotfix.jobs/companies/notion)
**Location:** San Francisco, CA, New York, NY
**Role:** Security Engineering
**Salary:** $220k – $260k/yr
**Skills:** Okta, Google Workspace, MFA, SSO, SCIM, MDM, Edr, Python, Terraform, Sspm
**Posted:** 2026-06-08

> Hands-on Corporate Security Engineer to own and improve technical controls across identity, endpoints, SaaS, and workforce infrastructure. Build scalable automation and partner with IT, Infrastructure, GRC, and Detection & Response.

## Job Description

## What You'll Achieve
- Harden our identity and access management stack, including Okta and Google Workspace, with phishing-resistant MFA, strong SSO and SCIM lifecycles, and least-privilege access across SaaS.
- Run our endpoint security program across a macOS-first fleet, including MDM, EDR, and configuration baselines, with working coverage for Windows and ChromeOS.
- Secure AI tool usage at the endpoint, including governance of large language models, AI agents, and model context protocol (MCP) integrations; detect and prevent unauthorized or risky AI service access and data exfiltration through AI-enabled tools.
- Reduce SaaS risk at scale through SSPM tooling and custom automation, including detection of risky OAuth grants, excessive permissions, shadow IT, and configuration drift.
- Write code (Python, Terraform) to automate access reviews, onboarding and offboarding, configuration drift detection, and audit evidence collection.
- Partner with Detection & Response to ensure corporate systems produce the telemetry needed to detect identity, endpoint, and SaaS abuse.
- Support SOC 2, ISO 27001, and customer audits as a byproduct of good engineering, not a separate workstream.
- Partner with Detection & Response on investigation and response for corporate security incidents, including phishing, account compromise, lost devices, and BEC.

## Nice to Haves
- Experience at a fast-growing tech or AI company where the security program had to outpace headcount.
- A background in IT engineering, SRE, or production engineering that transitioned into security engineering.
- Experience building internal security tooling or workflows that improved employee or developer experience.
- Contributions to the security community through open-source tools, blog posts, or conference talks.

## Similar roles

- [Software Engineer, Identity](https://hotfix.jobs/jobs/ca0746da-e661-47e9-b699-c90059ece83b) - Scale AI - San Francisco, CA - $216k – $270k/yr
- [Security Engineer, Cloud](https://hotfix.jobs/jobs/7aa4f9aa-c59f-41f0-b53a-e26a4a72d353) - Ramp - New York, NY - $211k – $291k/yr
- [Software Engineer, Scaled Abuse](https://hotfix.jobs/jobs/732bab54-c578-4c2f-928e-cb75247fc80d) - OpenAI - San Francisco, CA - $230k – $385k/yr
- [Software Engineer, Cyber Frontier](https://hotfix.jobs/jobs/328b424b-35a0-499a-b388-235409c6feb7) - OpenAI - San Francisco, CA - $230k – $325k/yr
- [Security Engineer - Vuln Management (Infra)](https://hotfix.jobs/jobs/05cc9fc9-4eb5-4cb5-9acc-a826869df1e0) - Replit - Foster City, CA - $210k – $270k/yr

**Apply:** https://hotfix.jobs/jobs/67a3be58-d872-49bb-8e16-ed79c79c42ca
**Canonical:** https://hotfix.jobs/jobs/67a3be58-d872-49bb-8e16-ed79c79c42ca