All interviews
Notion logo

Notion

Senior

Own authentication migrations, AI guardrail infrastructure, and authz platform direction at Notion

Notion is hiring a security engineer with 10+ years of experience to own cross-cutting security programs spanning identity/authz, AI agent safety, and platform primitives across 5-10+ engineering teams. This interview probes deep hands-on experience with authentication migrations (SAML/OIDC, OAuth, passkeys, CSP), AI/LLM security protections (prompt injection, provenance), authorization architecture tradeoffs (e.g., SpiceDB vs Macaroons), and the judgment to drive multi-quarter, customer-facing security changes safely.

Step into this interview

Free · a live voice mock calibrated to this exact role

Practice this interview

What this interview tests

  • Authentication migrations (SAML/OIDC, OAuth, passkeys, CSP, session semantics)
  • AI/LLM security: prompt injection protections and content provenance
  • Authorization platform architecture tradeoffs (e.g., SpiceDB vs Macaroons)
  • Driving multi-quarter, cross-team security programs via RFCs
  • Mentoring and scaling security practices across partner teams

Common question themes

Walk through a multi-quarter authentication migration you owned end-to-end, including rollout and backwards-compatibility tradeoffs

How would you design prompt-injection protections and a provenance system for AI-generated content across surfaces like Mail/Calendar/MCP

Reason through an authorization architecture tradeoff (e.g., centralized policy store vs. capability-based tokens)

Tell me about writing a security RFC and aligning 5-10+ engineering teams behind it despite pushback

A time you had to balance security rigor against product velocity — how did you decide, and what happened

How do you scale security practices across partner teams without becoming a bottleneck

View the original posting

Related interviews