Skip to main content
Notion

Software Engineer - Security

3w

Notion

San Francisco, US · Full-time · $290,000 – $350,000

About this role

Notion is building the collaborative AI workspace where teams and agents think together. We are hiring an experienced security engineer to own cross-cutting programs at the intersection of product, infrastructure, and AI. This role is hands-on with core security primitives while coordinating across multiple engineering teams.

You will be the primary owner for key authentication migrations, AI guardrail infrastructure, and authorization platform direction. This work directly unblocks enterprise security commitments, AI-agent launches, and the next milestone in our authz architecture. You will land multi-quarter changes with clear rollout plans and minimal customer disruption.

In-person collaboration is essential to our culture, with all team members working from our offices on Mondays, Tuesdays, and Thursdays. Notinos are customer zero in bringing this future of work to life, caring about craft, humanity, and building things that last. Millions of individuals and large companies run their work on Notion.

By day 90, you will own one P0 security program end-to-end and ship an AI leverage piece for internal security. By end of year one, you will raise the bar on security engineering craft by setting clearer standards for secure primitives. This role offers the chance to shape security at scale in a rapidly growing platform.

Requirements

  • 10+ years of experience in security engineering.
  • Demonstrated ability to ship security-critical infrastructure in production systems, including identity/authentication, authorization, and platform primitives.
  • Experience with authentication migrations (SAML/OIDC, OAuth, passkeys) and security primitives.
  • Ability to coordinate across 5–10+ engineering teams to land multi-quarter changes safely.
  • Hands-on experience with core security primitives and AI safety guardrails.
  • Strong architectural judgment for authorization platforms (e.g., SpiceDB vs. Macaroons).
  • Proven track record of owning cross-cutting security programs end-to-end.

Responsibilities

  • Modernize and migrate authentication across Notion’s product surfaces, including SAML/OIDC, OAuth flows, session semantics, passkeys, and redirect handling.
  • Build and operate Notion’s AI safety guardrail stack, including prompt-injection protections and an external-source provenance system for AI-generated content.
  • Advance the authorization platform direction by driving architectural trade-offs and shipping reusable primitives that product teams can adopt.
  • Own one P0 security program end-to-end by day 90, from RFC and rollout plan to measurable risk reduction.
  • Ship one piece of AI leverage, such as an internal security agent for triage, verification, and continuous checks.
  • Raise the bar on security engineering craft by setting clearer standards for secure primitives and reducing recurring vulnerabilities through better systems.