# Senior Infrastructure Security Engineer

**Company:** [Dropbox](https://hotfix.jobs/companies/dropbox)
**Location:** Remote
**Role:** Security Engineering
**Salary:** $190k – $290k/yr
**Experience:** 9+ years
**Skills:** Linux, Python, Go, Rust, Bash, Spiffe/Spire, Oauth 2.1, OIDC, Aws Irsa, Google Workload Identity Federation, Azure Managed Identities, Kubernetes, CI/CD, SIEM, Soar
**Posted:** 2026-06-11

> Senior security engineer focused on securing AI/agentic infrastructure, LLM/RAG systems, identity for non-human workloads, and cloud/K8s platforms. Requires 9+ years experience and strong scripting skills.

## Job Description

## Responsibilities
- Design, deploy, and operate security controls for Dropbox’s AI and agentic infrastructure, including model gateways, inference services, vector stores, retrieval systems, and supporting cloud and Kubernetes platforms.
- Implement least-privilege and secure-execution patterns for AI agents, including per-tool authorization, sandboxing, human-in-the-loop approvals for high-impact actions, and separation of policy validation from execution.
- Lead security implementation for AI tool and agent connectivity layers, including MCP gateway deployments, with controls for OAuth-based authorization, scope minimization, token audience validation, origin validation, replay protection, and secure isolation between trusted and untrusted tool domains.
- Deploy, build, and/or operate security infrastructure solutions to help scale and raise the security bar for Dropbox’s on-prem and cloud infrastructure.
- Automate security controls using scripting to eliminate redundant work and minimize need for human involvement.
- Collaborate with cross functional teams and lead security initiatives to influence product decisions and enhance security posture.

## Requirements
- 9+ years of Security experience or related industry experience, demonstrating impactful contributions to security strategies.
- Bachelor's degree in Computer Science, Information Security, or related field, or equivalent experience, with coding proficiency.
- Experience securing LLM, RAG, or agentic AI systems in production, with hands-on implementation of controls for prompt injection, sensitive-data disclosure, excessive agency, data or model poisoning, and AI supply-chain risk.
- Experience designing identity and authorization for non-human workloads and agents using technologies such as SPIFFE/SPIRE, OAuth 2.1 or OIDC, AWS IRSA, Google Workload Identity Federation, Azure managed identities, or equivalent patterns.
- Integrate adversarial testing and release gates for AI systems into CI/CD, including regression coverage for prompt injection, tool abuse, memory poisoning, approval bypass, and multi-agent escalation scenarios.
- Solid knowledge of Linux fundamentals including system administration, security, networking, scripting, and troubleshooting.
- Proficiency using one or more scripting or high-level languages to automate tasks, manipulate data, or build small systems e.g. Bash, Python, Go, Rust, Ruby, NodeJS, C/C++, Java.

## Preferred Qualifications
- Experience securing MCP-based systems or similar AI agent and tool protocols.
- Experience with multi-agent security controls such as trust boundaries, signed inter-agent messaging, and circuit breakers.
- Familiarity with NIST AI RMF, NIST SP 800-218A, MITRE ATLAS, CSA AICM, and OWASP LLM and agentic security guidance.
- Experience with security tools such as Teleport, CrowdStrike, Proofpoint, IPS/IDS, SIEM or SOAR.
- Certifications such as CISSP, CISM, or equivalent.

## Similar roles

- [Senior Security Engineering Manager, Product Security](https://hotfix.jobs/jobs/a933cd77-6fa6-4e6a-b54f-8430ab4a9a93) - Upstart - Remote - $191k – $264k/yr
- [Senior Security Engineering Manager, Enterprise Security](https://hotfix.jobs/jobs/7da3f5fe-7ae7-4bad-aae1-e1d282cdee48) - Upstart - Remote - $191k – $264k/yr
- [Senior Security Engineer, AI Security](https://hotfix.jobs/jobs/7c0e220f-b7ed-417d-935a-1876a5452199) - Reddit - Remote - $191k – $267k/yr
- [Security Engineer - Product](https://hotfix.jobs/jobs/3b4c4dd3-25b2-4d9b-8fb6-43a7a73dd2f8) - Cardless - San Francisco, CA - $190k – $260k/yr
- [Senior Application Security Engineer](https://hotfix.jobs/jobs/45402dbe-ee8f-4a25-9817-c293c712505a) - Apollo - Remote - $190k – $273k/yr

**Apply:** https://hotfix.jobs/jobs/f7e815e7-b9b7-4df4-a889-e6d7d1e91808
**Canonical:** https://hotfix.jobs/jobs/f7e815e7-b9b7-4df4-a889-e6d7d1e91808