ForgeApply · Job listing
AI Software Engineer, Security
Notion
Apply in about a minute — without sacrificing quality.
ForgeApply autofills this application and tailors your resume to this exact posting. You review everything before it's sent. Free trial, no card required.
About this role
WHO WE ARE
Notion is the collaborative AI workspace where teams and agents think together https://www.youtube.com/watch?v=vkpYpWfEK5s. We're building one place where your knowledge, projects, meetings, and AI tools live side by side, so work is faster, clearer, and less fragmented. Millions of individuals, small teams, and large companies run their work on Notion.
Notinos (our employees) are customer zero in bringing this future of work to life. We care about craft, building things that last, and the belief that great work is still fundamentally human. Our goal isn’t to ship the next feature. Each and every team of Notinos is working to set the standard for how humans work together in the AI era. From building a business’s system of record to making and managing AI agents to automating away the busy work, we care deeply about giving our customers more time for their life’s work.
ABOUT THE ROLE:
Notion is looking for an experienced engineer who has designed and built secure software systems to help define the security foundations for our AI products. You’ll work with product and engineering teams on agent runtimes, tool permissions, retrieval, content writes, observability, and abuse-resistant design. You’ll turn product risks into clear architecture, reusable guardrails, automated tests, and production systems that help teams ship new features safely.
This role is based in San Francisco. We work from our offices on Mondays, Tuesdays and Thursdays (our Anchor Days) because we do our best thinking and building together in person. We’re looking for someone who’s excited to work alongside the team during those days.
WHAT YOU'LL ACHIEVE:
- Define and build security architecture for product surfaces that operate across customer workspace content, including tool execution, content writes, retrieval, permission checks, provenance, and auditability.
- Make the secure path the easy path for product teams by shipping reusable libraries, review patterns, test fixtures, and guardrails that prevent classes of vulnerabilities.
- Build automated red-team and regression testing for risks such as prompt injection, indirect instruction following, data exfiltration, tool misuse, cross-tenant leakage, and unsafe workspace mutations.
- Translate threat models for new product surfaces into concrete engineering requirements, production checks, and launch criteria.
- Use production signals, incident learnings, and targeted experiments to harden Notion over time, then feed those learnings back into architecture and developer workflows.
- Help define the security bar for how engineers use coding agents, MCP-enabled tools, hooks, and internal automation without introducing new risk.
SKILLS YOU'LL NEED TO BRING:
- Secure software engineering craft: You have 8-10+ years of experience designing, building, or securing complex software systems, and you are comfortable working in production code with product and platform engineers.
- Security architecture judgment: You can look at a complex system and reason about where the permissions, data flow, or trust boundaries are likely to get weird, and help re-design it to make them better.
- Security product strategy: You can turn a complex security risk you see into a product design or architecture that can be built.
- Builder mindset: You’d rather leave behind a useful tool, test, library, or pattern than a long doc.
NICE TO HAVES:
- Experience building or securing products with tool use, retrieval, workflow automation, content writes, or complex permission boundaries.
- Hands-on experience with prompt-injection testing, red teaming, model behavior evaluation, or abuse-resistant application design.
- Experience with enterprise SaaS security models: permissions, sharing, audit logs, data residency, encryption, compliance, or customer-facing trust guarantees.
- Experience building developer tooling, CI checks, coding-agent workflows, MCP integrations, or internal frameworks that shape how engineers build software.
- Public security research, vulnerability writeups, conference talks, or open-source work related to product security or secure developer infrastructure.
Notion is committed to providing highly competitive cash compensation, equity, and benefits. The compensation offered for this role will be based on multiple factors such as location, the role’s scope and complexity, and the candidate’s experience and expertise, and may vary from the range provided below. For roles based in San Francisco, the estimated base salary range for this role is $290,000 - $350,000 per year.
By clicking “Submit Application”, I understand and agree that Notion and its affiliates and subsidiaries will collect and process my information in accordance with Notion’s Global Recruiting Privacy Policy https://notion.notion.site/Notion-Global-Recruiting-Privacy-Policy-fc3eb4e829354a26a2bb6fd5e289b550. https://dev.notion.so/a3ce416456924276a59de91bca740028?pvs=21
#LI-Onsite
A NOTE ON AI
You don’t need deep AI expertise for every role, but we do expect every Notino to be intellectually curious, drawn to tinkering and discovery, and excited to use AI as a real collaborator in their work. For some roles, AI fluency is a core requirement — when that’s the case, we'll say so explicitly in the qualifications. People who thrive here don’t treat AI as a novelty. They use it to think better, and make their work easier for others to build on.
EQUAL OPPORTUNITY & ACCOMMODATIONS
We hire talented people from a wide range of backgrounds. If you’re excited about this role but don’t meet every bullet, we still encourage you to apply. Notion is an equal opportunity employer and does not discriminate on the basis of any legally protected characteristic. Consistent with applicable law, we will consider for employment qualified applicants with arrest and conviction records. Notion provides reasonable accommodations during the application pro
Ready to apply to Notion?
Apply in about a minuteSimilar jobs
- AI Security Engineer — Obsidiansecurity · Palo Alto, California, USA
- AI Application Security Engineer — Brainco · San Francisco Bay Area
- Staff Security Software Engineer, AI Security — Databricks · Remote
- Senior Software Engineer, Security — Nexhealth · San Francisco, California, United States
- Senior Software Engineer, Security — Nexhealth · Seattle, Washington, United States
- Senior Software Engineer, Security — Goteleport · Remote
- Senior Software Engineer, Security — Crusoe · San Francisco, CA - US
- Senior Software Engineer, Security — Seatgeek · Remote - United States
More like this: Software Engineer Jobs · Software Engineer Jobs in San Francisco · Browse all jobs