Software Engineer, Security

Notion, San Francisco, CA
$290,000 - $350,000, Hybrid

About The Position

Notion is seeking an experienced security engineer to lead cross-functional security programs impacting product, infrastructure, and AI. This role involves hands-on work with core security components and collaboration with 5-10 engineering teams to implement significant, multi-quarter changes in critical customer-facing areas such as identity, authorization, domain posture, and AI agent safety. The engineer will be the primary owner for key authentication migrations, AI guardrail infrastructure, and authorization platform strategy, directly enabling enterprise security requirements, AI agent launches, and advancements in authorization architecture.

Requirements

  • Demonstrated ability to ship security-critical infrastructure in production systems (identity/authentication, authorization, platform primitives), including customer-impacting migrations with careful rollout and backward compatibility.
  • Strong judgment in navigating ambiguous trade-offs (security vs. product velocity, correctness vs. ergonomics, centralized platforms vs. local autonomy).
  • Track record of writing clear RFCs and aligning cross-functional stakeholders.
  • Experience building or operating AI/LLM security protections (e.g., prompt injection, tool/data provenance, policy enforcement) or a clear ability to ramp quickly and lead in an emerging domain.
  • High agency and systems mindset: proactively identify constraints, unblock partner teams, and build compounding primitives.
  • Comfort mentoring and multiplying others through intern/project ownership, enablement sessions, and pragmatic security guidance.

Responsibilities

  • Modernize and migrate authentication across Notion’s product surfaces (SAML/OIDC, OAuth flows, session semantics, passkeys, CSP, redirect handling), ensuring smooth rollouts with minimal customer disruption.
  • Build and operate Notion’s AI safety guardrail stack, including prompt-injection protections and an external-source provenance system for AI-generated content.
  • Advance the authorization platform direction by making architectural trade-offs and shipping reusable primitives for product teams.
  • Own P0 security programs end-to-end, including RFCs, rollout plans, stakeholder alignment, execution, and risk reduction.
  • Ship AI leverage to improve security operations, such as an internal security agent for triage and verification.
  • Set clearer standards for secure primitives (auth/authz, provenance, domain posture) and improve adoption paths for partner teams.
  • Reduce recurring classes of vulnerabilities through improved systems.

Benefits

  • Highly competitive cash compensation
  • Equity
  • Benefits