AI Software Engineer, Security
full-time
lead
Posted 1 month ago
Apply Now
Stand out: build a proof-of-work pitch →
Free GitHub-based preview. Direct apply stays one click away.
Get weekly job alerts like this →Hiring for this role?
AI Market Demand Pack · $29 one-time
Compare this role's skills with the full AI hiring market. Get ranked demand, salary bands, leading companies, public source URLs, and a decision brief.
About this role
WHO WE ARE
Notion is the collaborative AI workspace where teams and agents think together https://www.youtube.com/watch?v=vkpYpWfEK5s. We're building one place where your knowledge, projects, meetings, and AI tools live side by side, so work is faster, clearer, and less fragmented. Millions of individuals, small teams, and large companies run their work on Notion.
Notinos (our employees) are customer zero in bringing this future of work to life. We care about craft, building things that last, and the belief that great work is still fundamentally human. Our goal isn’t to ship the next feature. Each and every team of Notinos is working to set the standard for how humans work together in the AI era. From building a business’s system of record to making and managing AI agents to automating away the busy work, we care deeply about giving our customers more time for their life’s work.
ABOUT THE ROLE:
Notion is looking for an experienced engineer who has designed and built secure software systems to help define the security foundations for our AI products. You’ll work with product and engineering teams on agent runtimes, tool permissions, retrieval, content writes, observability, and abuse-resistant design. You’ll turn product risks into clear architecture, reusable guardrails, automated tests, and production systems that help teams ship new features safely.
This role is based in San Francisco. We work from our offices on Mondays, Tuesdays and Thursdays (our Anchor Days) because we do our best thinking and building together in person. We’re looking for someone who’s excited to work alongside the team during those days.
WHAT YOU'LL ACHIEVE:
- Define and build security architecture for product surfaces that operate across customer workspace content, including tool execution, content writes, retrieval, permission checks, provenance, and auditability.
- Make the secure path the easy path for product teams by shipping reusable libraries, review patterns, test fixtures, and guardrails that prevent classes of vulnerabilities.
- Build automated red-team and regression testing for risks such as prompt injection, indirect instruction following, data exfiltration, tool misuse, cross-tenant leakage, and unsafe workspace mutations.
- Translate threat models for new product surfaces into concrete engineering requirements, production checks, and launch criteria.
- Use production signals, incident learnings, and targeted experiments to harden Notion over time, then feed those learnings back into architecture and developer workflows.
- Help define the security bar for how engineers use coding agents, MCP-enabled tools, hooks, and internal automation without introducing new risk.
SKILLS YOU'LL NEED TO BRING:
- Secure software engineering craft: You have 8-10+ years of experience designing, building, or securing complex software systems, and you are comfortable working in production code with product and platform engineers.
- Security architecture judgment: You can look at a complex system and reason about where the permissions, data flow, or trust boundaries are likely to get weird, and help re-design it to make them better.
- Security product strategy: You can turn a complex security risk you see into a product design or architecture that can be built.
- Builder mindset: You’d rather leave behind a useful tool, test, library, or pattern than a task or project for someone else to pick up later.
NICE TO HAVES:
- Experience building or securing products with tool use, retrieval, workflow automation, content writes, or complex permission boundaries.
- Hands-on experience with prompt-injection testing, red teaming, model behavior evaluation, or abuse-resistant application design.
- Experience with enterprise SaaS security models: permissions, sharing, audit logs, data residency, encryption, compliance, or customer-facing trust guarantees.
- Experience building developer tooling, CI checks, coding-agent workflows, MCP integrations, or internal frameworks that shape how engineers build software.
- Public security research, vulnerability writeups, conference talks, or open-source work related to product security or secure developer infrastructure.
Notion is committed to providing highly competitive cash compensation, equity, and benefits. The compensation offered for this role will be based on multiple factors such as location, the role’s scope and complexity, and the candidate’s experience and expertise, and may vary from the range provided below. For roles based in San Francisco, the estimated base salary range for this role is $290,000 - $350,000 per year.
By clicking “Submit Application”, I understand and agree that Notion and its affiliates and subsidiaries will collect and process my information in accordance with Notion’s Global Recruiting Privacy Policy https://notion.notion.site/Notion-Global-Recruiting-Privacy-Policy-fc3eb4e829354a26a
Similar Jobs
Related searches:
Get jobs like this delivered weekly
Free AI jobs newsletter. No spam.