All interviews
Notion logo

Notion

Mid

Hardening Notion's identity, endpoint, and SaaS surface — not IT support, security engineering

A corporate security engineering role at Notion focused on hardening identity (Okta/Google Workspace), endpoint management across a macOS-first fleet, and reducing SaaS/shadow-IT risk at scale through automation. Strong candidates show 5+ years of hands-on IAM and endpoint security work, can write production Python/Terraform, and understand how to make security controls scale with headcount rather than being a bottleneck.

Step into this interview

Free · a live voice mock calibrated to this exact role

Practice this interview

What this interview tests

  • Identity & access management hardening (Okta/Entra/Google Workspace, SAML/OIDC/OAuth/SCIM)
  • Endpoint security program ops (MDM, EDR, macOS-first fleet)
  • SaaS risk reduction at scale (SSPM, OAuth governance, shadow IT)
  • Security automation and IaC (Python, Bash, Terraform)
  • Securing AI tool usage (LLM/agent/MCP governance)
  • Compliance as an engineering byproduct (SOC 2, ISO 27001)

Common question themes

Walk through hardening an identity provider end-to-end (MFA, SSO, SCIM lifecycle)

How would you detect and prevent unauthorized or risky AI/MCP tool usage on employee endpoints

Describe a Python or Terraform automation you built for access reviews or SaaS config drift detection

How do you reduce shadow IT and OAuth over-permissioning across a long tail of SaaS vendors

Tell me about a corporate security incident you helped investigate (phishing, BEC, lost device)

How do you make security controls scale as headcount grows faster than the security team

View the original posting

Related interviews