# Application Security Engineer
**Company:** [Notion](https://hotfix.jobs/companies/notion)
**Location:** San Francisco, CA
**Salary:** $165K-$200K
**Experience:** 3+ years
**Skills:** Application Security, Static Analysis, Dynamic Analysis, Security Architecture, Secure Coding, Threat Modeling, Bug Bounty, Vulnerability Remediation, Security Tools, Privacy Best Practices
**Posted:** 2026-02-20
> Application Security Engineer prevents and eliminates software vulnerabilities by consulting with product teams, creating analysis rules, providing developer education, and building security tools. Requires 3+ years experience in secure software design.
## Job Description
## What You'll Achieve
- As an early member of Notion’s Application Security team, you will have a large input in defining the direction and goals of the program.
- Make the secure path the easy path for product teams by providing design guidance and finding solutions that eliminate classes of vulnerabilities.
- Create static and dynamic analysis rules that detect weaknesses in our codebase.
- Provide developers guidance and education on security and privacy best practices that prevent the authoring of vulnerabilities.
- Participate in and drive mitigation strategies during AppSec related incident responses.
- Build and maintain tools that prevent vulnerabilities or automate remediation.

## Skills You'll Need to Bring
- **Security Architecture expertise:** You have at least 3+ years of experience working with product teams to design and/or build secure software.
- **Thoughtful problem-solving:** For you, problem-solving starts with a clear and accurate understanding of the context. You can decompose tricky problems and work towards a clean solution, by yourself or with teammates.
- **Ability to advocate for and lead cross functional projects:** You regularly advocate for security hardening projects that you then lead by partnered with product engineering teams.
- **Pragmatic and business-oriented:** You care about business impact and prioritize projects accordingly.
- **Empathetic communication:** You communicate nuanced ideas clearly.
- **Startup mentality:** You are comfortable navigating the fast moving, unstructured nature of a hyper-growth startup.
- You don’t need to be an AI expert, but you’re curious and willing to adopt AI tools to work smarter.

## Nice to Haves
- Participation in bug bounty programs or capture the flag exercises
- Published reports of vulnerabilities you have found or AppSec related blog posts
- Involvement in local or regional security user groups or conferences

## Compensation
For roles based in San Francisco and New York, the estimated base salary range is $165,000 - $200,000 per year.
**Apply:** https://hotfix.jobs/jobs/application-security-engineer-at-notion-b22835fc-1cdc-404e-b9e7-6c603b258995
**Canonical:** https://hotfix.jobs/jobs/application-security-engineer-at-notion-b22835fc-1cdc-404e-b9e7-6c603b258995