Security Engineer, Corporate Security

WHO WE ARE

Notion is the collaborative AI workspace where teams and agents think together https://www.youtube.com/watch?v=vkpYpWfEK5s. We're building one place where your knowledge, projects, meetings, and AI tools live side by side, so work feels faster, clearer, and less fragmented. Millions of individuals, small teams, and large companies run their work on Notion.

Notinos (our employees) are customer zero in bringing this future of work to life. We care about craft, humanity, and building things that last — not just shipping the next feature, but setting a standard for how modern teams (with humans and agents working together) think and execute.

ABOUT US:

Notion helps you build beautiful tools for your life’s work. In today's world of endless apps and tabs, Notion provides one place for teams to get everything done, seamlessly connecting docs, notes, projects, calendar, and email—with AI built in to find answers and automate work. Millions of users, from individuals to large organizations like Toyota, Figma, and OpenAI, love Notion for its flexibility and choose it because it helps them save time and money.

In-person collaboration is essential to Notion's culture. We require all team members to work from our offices on Mondays, Tuesdays, and Thursdays, our designated Anchor Days. Certain teams or positions may require additional in-office workdays.

ABOUT THE ROLE:

Millions of people rely on Notion to do their most important work. Protecting that trust starts with protecting the people who build Notion: our employees, their laptops, their identities, and the SaaS apps they rely on every day.

We are looking for a hands-on Corporate Security Engineer to own and improve the technical controls that keep our workforce and corporate environment safe. This is a security engineering role focused on building scalable controls and automation across identity, endpoints, SaaS, and workforce infrastructure, not a traditional IT support or corporate engineering role.

You'll own and evolve core security controls, design systems and automation that scale with the company, and help make security both stronger and easier to use. You'll partner closely with IT, Infrastructure, GRC, and Detection & Response to improve the security foundations that employees rely on every day.

WHAT YOU'LL ACHIEVE:

- Harden our identity and access management stack, including Okta and Google Workspace, with phishing-resistant MFA, strong SSO and SCIM lifecycles, and least-privilege access across SaaS.

- Run our endpoint security program across a macOS-first fleet, including MDM, EDR, and configuration baselines, with working coverage for Windows and ChromeOS.

- Secure AI tool usage at the endpoint, including governance of large language models, AI agents, and model context protocol (MCP) integrations; detect and prevent unauthorized or risky AI service access and data exfiltration through AI-enabled tools.

- Reduce SaaS risk at scale through SSPM to