Dropbox
Senior
Senior Infrastructure Security Engineer securing Dropbox's AI and agentic infrastructure — identity, authZ, and guardrails for non-human actors
Dropbox is hiring a Senior Infrastructure Security Engineer (9+ years, IC4) to design and operate infrastructure-level security controls for Dropbox's AI and agentic infrastructure, spanning cloud, Kubernetes, and data stores. The JD is unusually specific about AI-native security: identity and authorization for non-human agents (SPIFFE/SPIRE, OAuth 2.1, OIDC), defenses against prompt injection and model poisoning, and multi-agent trust boundaries — this card is built entirely around that specificity rather than generic cloud security.
Step into this interview
Free · a live voice mock calibrated to this exact role
What this interview tests
- Identity and authZ for non-human agents (SPIFFE/SPIRE, OAuth 2.1, OIDC)
- AI-specific vulnerabilities: prompt injection, model/data poisoning, supply-chain risk
- Multi-agent security: trust boundaries, signed messaging, circuit breakers
- Policy-as-code and infrastructure-as-code for cloud/AI platforms
- Kubernetes and cloud infrastructure hardening (AWS/GCP/Azure)
Common question themes
How would you design authentication and authorization for AI agents acting as non-human actors
Walk through securing a system against prompt injection or data/model poisoning in production
How do you establish trust boundaries and signed messaging between agents in a multi-agent system
Describe implementing policy-as-code to enforce security controls across cloud infrastructure at scale
How would you review an upcoming Kubernetes or cloud infrastructure change for hardening opportunities
What's your experience securing MCP-based systems or similar AI tool-use protocols