Skip to content
NotionNotionSan Francisco, CA

Software Engineer, Security

Security engineer owning cross-cutting auth, authorization, and AI guardrail programs across product and infrastructure. Requires 10+ years shipping security-critical infrastructure and experience with AI/LLM protections.

290k – 350k
Hybrid10+ YOESecurity Engineering

About the role

What You'll Achieve

  • Modernize and migrate authentication across Notion’s product surfaces (SAML/OIDC, OAuth flows, session semantics, passkeys, CSP, redirect handling), landing multi-quarter changes with clear rollout plans and minimal customer disruption.
  • Build and operate Notion’s AI safety guardrail stack, including prompt-injection protections (vendor evaluation, deployment model decisions, integration with agents) and an external-source provenance system for AI-generated content across Mail, Calendar, and MCP.
  • Advance our authorization platform direction by driving crisp architectural trade-offs (e.g., SpiceDB vs. Macaroons) and shipping reusable primitives that product teams can adopt without bespoke security work.
  • By day 90: own one P0 security program end-to-end—RFC, rollout plan, partner alignment, execution, and measurable risk reduction—plus ship one piece of AI leverage (e.g., an internal security agent for triage/verification/continuous checks) that improves correctness and reduces time-to-resolution.
  • By end of year 1: raise the bar on security engineering craft by setting clearer standards for secure primitives (auth/authz, provenance, domain posture), improving adoption paths for partner teams, and reducing recurring classes of vulnerabilities through better systems—not heroics.

Skills You'll Need to Bring

  • Demonstrated ability to ship security-critical infrastructure in production systems (identity/authentication, authorization, platform primitives), including migrations that affect customers and require careful rollout and backwards compatibility.
  • Strong judgment navigating ambiguous trade-offs (security vs. product velocity, correctness vs. ergonomics, centralized platforms vs. local autonomy), with a track record of writing clear RFCs and aligning cross-functional stakeholders.
  • Experience building or operating AI/LLM security protections (e.g., prompt injection, tool/data provenance, policy enforcement) or a clear ability to ramp quickly and lead in an emerging domain.
  • High agency and systems mindset: you proactively find the real constraint, unblock partner teams, and build primitives that compound across the org (not one-off fixes).
  • Comfort mentoring and multiplying others—through intern/project ownership, enablement sessions, and pragmatic security guidance that engineers actually adopt.

Skills

SAMLOIDCOAuthPasskeysCspSpicedbMacaroonsAi SafetyPrompt InjectionAuthorization Systems
OpenAI

Staff Security Reliability Engineer

OpenAISan Francisco, CA

Senior technical owner designing, building, and operating secure, reliable infrastructure-as-code platforms for identity, access, and shared services. Requires 10+ years of hands-on SRE experience in high-reliability on-prem/hybrid environments.

293k – 385k
Hybrid10+ YOESecurity Engineering
Envoy

Member of Technical Staff, SecOps & Threat Detection Engineer

EnvoySan Francisco, CA

Staff Security Engineer owning threat detection, SIEM architecture, and security operations for cloud, apps, and endpoints. Requires 6+ years in security/SRE/infra engineering with experience building detection-as-code, endpoint monitoring (SentinelOne), and driving MTTD/MTTR improvements in AWS environments.

265k – 310k
On-site7+ YOESecurity Engineering
Anthropic

Staff+ Application Security Engineer

AnthropicSan Francisco, CA +2

Staff Application Security Engineer focused on M&A due diligence and secure integration of acquired codebases and systems at Anthropic. Lead security assessments, risk readouts, post-close remediation and automation using Claude, while contributing to core AppSec work. Requires 7+ years AppSec experience, rapid codebase assessment skills, and coding ability.

320k – 485k
Hybrid7+ YOESecurity Engineering
Replit

Staff Software Engineer, Fraud

ReplitFoster City, CA

Build and operate AI-powered fraud/abuse detection systems defending Replit's platform from phishing, cryptomining, account takeover, and LLM abuse. Requires 8+ years in security/anti-abuse, Python/TypeScript, SQL at scale, and ML/LLM classifier experience.

250k – 315k
Hybrid8+ YOESecurity Engineering
Replit

Staff Software Engineer, Risk

ReplitFoster City, CA

Build and operate AI-powered abuse detection systems that defend Replit's platform from phishing, cryptomining, LLM token farming, and other attacks. Own end-to-end detection, investigation, and automated response across millions of daily actions.

250k – 315k
Hybrid8+ YOESecurity Engineering