
Notion
Senior
Own authentication migrations, AI guardrail infrastructure, and authz platform direction at Notion
Notion is hiring a security engineer with 10+ years of experience to own cross-cutting security programs spanning identity/authz, AI agent safety, and platform primitives across 5-10+ engineering teams. This interview probes deep hands-on experience with authentication migrations (SAML/OIDC, OAuth, passkeys, CSP), AI/LLM security protections (prompt injection, provenance), authorization architecture tradeoffs (e.g., SpiceDB vs Macaroons), and the judgment to drive multi-quarter, customer-facing security changes safely.
走进这场面试
免费 · 一场按这个岗位校准的真语音模拟
这场面试考什么
- Authentication migrations (SAML/OIDC, OAuth, passkeys, CSP, session semantics)
- AI/LLM security: prompt injection protections and content provenance
- Authorization platform architecture tradeoffs (e.g., SpiceDB vs Macaroons)
- Driving multi-quarter, cross-team security programs via RFCs
- Mentoring and scaling security practices across partner teams
常见提问方向
Walk through a multi-quarter authentication migration you owned end-to-end, including rollout and backwards-compatibility tradeoffs
How would you design prompt-injection protections and a provenance system for AI-generated content across surfaces like Mail/Calendar/MCP
Reason through an authorization architecture tradeoff (e.g., centralized policy store vs. capability-based tokens)
Tell me about writing a security RFC and aligning 5-10+ engineering teams behind it despite pushback
A time you had to balance security rigor against product velocity — how did you decide, and what happened
How do you scale security practices across partner teams without becoming a bottleneck
相关面试

Notion
Mid
Developer Advocate

Notion
Manager
Engineering Manager, Mobile AI

Notion
Senior
Engineering Manager, Search & Context Platform

Replit
Senior
Senior Software Engineer, Trust & Safety

Affirm
Senior
Senior Software Engineer, Backend (Growth Platform)

Cohere
Senior