Secure the Future of Productivity with Notion
Imagine a world where teams can seamlessly connect docs, notes, projects, calendar, and email – all powered by AI. That's Notion, and we're looking for a passionate Security Engineer to join our ranks and protect our millions of users, from individuals to enterprises like Toyota, Figma, and OpenAI.
At Notion, we believe in in-person collaboration. As such, we require all team members to work from our offices on Mondays and Thursdays, our designated Anchor Days. Certain teams or positions may require additional in-office workdays.
The Opportunity: Become a Founding Member of Our Elite Security Team
This isn't just another security role. You'll be a founding member of a dedicated security engineering team, responsible for ensuring the security of our platform and our users' data. You'll become a go-to security expert, diving deep into our product's attack surface and collaborating with various teams to fortify our defenses.
What You'll Do:
Scale Security: Help scale the engineering organization by mentoring engineers on secure software design and architecture best practices.
Build Trust: Enable Notion's business growth by constructing a secure foundation that earns and maintains the trust of our users.
Automate Security: Design, implement, and automate a software development lifecycle that balances comprehensive vulnerability and risk detection with developer velocity.
Be a Security Champion: Act as a liaison across product, engineering, go-to-market, and security ops/compliance teams, guiding and prioritizing strategic security investments.
Assess and Advise: Participate in security assessments and provide expert guidance on internal and customer security and privacy needs (e.g., SOC2, ISO 27001, GDPR, penetration testing, and enterprise security requirements).
What You'll Bring:
Security Architecture Expertise: Proven experience building systems to secure and monitor cloud architectures. A strong ability to contribute directly to our codebase, elevating security system design and addressing vulnerabilities. Proficiency in several of the following areas:
Threat modeling
Securing cloud-based infrastructures (e.g., AWS)
Designing a secure development lifecycle (design reviews, CI/CD integrations, bug bounty programs)
Application security consulting
Secure library and framework development
Vulnerability discovery and response
Implementing core security features, from authentication to detecting and mitigating malicious activity
Offensive security mindset (e.g., penetration testing, red teaming)
Production Experience: Demonstrated experience debugging systems in production environments. A deep understanding of the challenges and rewards of continuously improving production components with minimal user disruption.
Business Acumen: A pragmatic, business-oriented approach. You understand business impact, model threat risks, and prioritize projects to balance security investments with business outcomes.
Technology Agnostic: You understand that technology choices involve tradeoffs. You're opinionated but not ideological, and you're eager to learn new technologies as needed.
Exceptional Communication: Ability to communicate complex ideas clearly and concisely, whether in writing or during real-time discussions. You engage thoughtfully with diverse perspectives and compromise when necessary.
Team Player: You thrive in collaborative environments, enjoy working cross-functionally, and are passionate about learning, growing, and helping others succeed.
Bonus Points:
Experience maintaining continuous controls and participating in audits related to customer-facing certifications (like SOC2).
Experience leading engineering teams with a security focus.
Familiarity with managing, maintaining, and monitoring systems using technologies like Amazon Web Services, Datadog, Postgres, Redis, Memcached, and Elasticsearch.
We value diverse backgrounds and perspectives. If you're a builder at heart, share our company values, and are excited about making software toolmaking ubiquitous, we encourage you to apply, even if your experience doesn't perfectly align with every bullet point.
Notion is an equal opportunity employer. We do not discriminate based on race, color, religion, national origin, age, sex, marital status, ancestry, disability, genetic information, veteran status, gender identity or expression, sexual orientation, or other legally protected characteristic. We also consider qualified applicants with criminal histories, consistent with applicable law. If you need assistance or an accommodation due to a disability, please let your recruiter know.
We offer competitive compensation, equity, and benefits. The salary range for this role in San Francisco or New York City is $240,000 - $290,000 per year, based on factors such as location, scope, complexity, experience, and expertise.
By applying, you acknowledge and agree to Notion's Global Recruiting Privacy Policy and NYLL 144.
#LI-Onsite