Security Engineer Corporate Security

Notion is the collaborative AI workspace where teams and agents think together. We're building one place where your knowledge projects meetings and AI tools live side by side so work is faster clearer and less fragmented. Millions of individuals small teams and large companies run their work on Notion.

Notinos (our employees) are customer zero in bringing this future of work to life. We care about craft building things that last and the belief that great work is still fundamentally human. Our goal isn’t to ship the next feature. Each and every team of Notinos is working to set the standard for how humans work together in the AI era. From building a business’s system of record to making and managing AI agents to automating away the busy work we care deeply about giving our customers more time for their life’s work.

Notion helps you build beautiful tools for your life’s work. In today's world of endless apps and tabs Notion provides one place for teams to get everything done seamlessly connecting docs notes projects calendar and email—with AI built in to find answers and automate work. Millions of users from individuals to large organizations like Toyota Figma and OpenAI love Notion for its flexibility and choose it because it helps them save time and money.

In-person collaboration is essential to Notion's culture. We require all team members to work from our offices on Mondays Tuesdays and Thursdays our designated Anchor Days. Certain teams or positions may require additional in-office workdays.

Millions of people rely on Notion to do their most important work. Protecting that trust starts with protecting the people who build Notion: our employees their laptops their identities and the SaaS apps they rely on every day.

We are looking for a hands-on Corporate Security Engineer to own and improve the technical controls that keep our workforce and corporate environment safe. This is a security engineering role focused on building scalable controls and automation across identity endpoints SaaS and workforce infrastructure not a traditional IT support or corporate engineering role.

You'll own and evolve core security controls design systems and automation that scale with the company and help make security both stronger and easier to use. You'll partner closely with IT Infrastructure GRC and Detection & Response to improve the security foundations that employees rely on every day.

• Harden our identity and access management stack including Okta and Google Workspace with phishing-resistant MFA strong SSO and SCIM lifecycles and least-privilege access across SaaS.

• Run our endpoint security program across a macOS-first fleet including MDM EDR and configuration baselines with working coverage for Windows and ChromeOS.

• Secure AI tool usage at the endpoint including governance of large language models AI agents and model context protocol (MCP) integrations; detect and prevent unauthorized or risky AI service access and data exfiltration through AI-enabled tools.

• Reduce SaaS risk at scale through SSPM tooling and custom automation including detection of risky OAuth grants excessive permissions shadow IT and configuration drift.

• Write code (Python Terraform) to automate access reviews onboarding and offboarding configuration drift detection and audit evidence collection.

• Partner with Detection & Response to ensure corporate systems produce the telemetry needed to detect identity endpoint and SaaS abuse.

• Support SOC 2 ISO 27001 and customer audits as a byproduct of good engineering not a separate workstream.

• Partner with Detection & Response on investigation and response for corporate security incidents including phishing account compromise lost devices and BEC.

• Have 5+ years of hands-on experience in corporate security enterprise security or IT security engineering at a cloud-native company.

• Have working knowledge of a major identity provider (Okta Entra or Google Workspace) and the underlying protocols (SAML OIDC OAuth 2.0 SCIM).

• Have hands-on experience operating endpoint management and detection tooling across macOS and enterprise environments.

• Write production-quality scripts and automation in Python or Bash and have shipped Terraform or other infrastructure-as-code for security configuration.

• Are familiar with SaaS security risks (OAuth governance audit logging SSPM) and the realities of integrating a long tail of vendors.

• Have working knowledge of at least one major cloud platform (AWS GCP or Azure) at the security configuration level.

• Communicate clearly in writing and work effectively across IT Engineering Legal People and GRC.
  

• Experience at a fast-growing tech or AI company where the security program had to outpace headcount.

• A background in IT engineering SRE or production engineering that transitioned into security engineering.

• Experience building internal security tooling or workflows that improved employee or developer experience.

• Contributions to the security community through open-source tools blog posts or conference talks.

We hire talented and passionate people from a variety of backgrounds because we want our global employee base to represent the wide diversity of our customers. If you’re excited about a role but your past experience doesn’t align perfectly with every bullet point listed in the job description we still encourage you to apply. If you’re a builder at heart share our company values and enthusiastic about making software toolmaking ubiquitous we want to hear from you.

Notion is proud to be an equal opportunity employer. We do not discriminate in hiring or any employment decision based on race color religion national origin age sex (including pregnancy childbirth or related medical conditions) marital status ancestry physical or mental disability genetic information veteran status gender identity or expression sexual orientation or other applicable legally protected characteristic. Notion considers qualified applicants with criminal histories consistent with applicable federal state and local law. Notion is also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability please let your recruiter know.

Notion is committed to providing highly competitive cash compensation equity and benefits. The compensation offered for this role will be based on multiple factors such as location the role’s scope and complexity and the candidate’s experience and expertise and may vary from the range provided below. For roles based in San Francisco or New York City the estimated base salary range for this role is $200000 - $220000 per year.

By clicking “Submit Application” I understand and agree that Notion and its affiliates and subsidiaries will collect and process my information in accordance with Notion’s Global Recruiting Privacy Policy and NYLL 144.

#LI-Onsite

You don’t need deep AI expertise for every role but we do expect every Notino to be intellectually curious drawn to tinkering and discovery and excited to use AI as a real collaborator in their work. For some roles AI fluency is a core requirement — when that’s the case we'll say so explicitly in the qualifications. People who thrive here don’t treat AI as a novelty. They use it to think better and make their work easier for others to build on.

We hire talented people from a wide range of backgrounds. If you’re excited about this role but don’t meet every bullet we still encourage you to apply. Notion is an equal opportunity employer and does not discriminate on the basis of any legally protected characteristic. Consistent with applicable law we will consider for employment qualified applicants with arrest and conviction records. Notion provides reasonable accommodations during the application process; if you need one please let your recruiter know.

Notion is proud to be an equal opportunity employer. We do not discriminate in hiring or any employment decision based on race color religion national origin age sex (including pregnancy childbirth or related medical conditions) marital status ancestry physical or mental disability genetic information veteran status gender identity or expression sexual orientation or other applicable legally protected characteristic. Notion considers qualified applicants with criminal histories consistent with applicable federal state and local law. Notion is also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability please let your recruiter know.

What We Do

Notion blends your everyday work tools into one. Product roadmap? Company wiki? Meeting notes? With Notion they're all in one place and totally customizable to meet the needs of any workflow. It's the all-in-one workspace for you your team and your whole company. Mission: We humans are toolmakers by nature but most of us can't build or modify the software we use every day — arguably our most powerful tool. Here at Notion we're on a mission to make it possible for everyone to shape the tools that shape their lives.

Why Work With Us

Here at Notion our work shapes our culture and our culture inspires our work. We seek to hire creative toolmakers that want to be the best in their craft. If every employee is able to focus on being the best toolmaker in their craft we'll be able to achieve our mission of enabling the world to better solve its problems.

Gallery