Senior Infrastructure Security Engineer
Don't apply into the void.
Most applications for this Dropbox role vanish into an ATS. With jobfinder-ai, your agent finds the actual hiring manager or founder behind this opening and sends a tailored email from your own inbox — so a real person reads your pitch and replies. We then follow up until you land on the calendar.
Reach the decision-maker — $5About the role
<h2>Role Description</h2> <p><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">At Dropbox, we believe in simplifying the way people work together. We provide a range of innovative cloud-based solutions to empower individuals and businesses to share, access, and collaborate on their files seamlessly. Security plays a pivotal role in shaping our mission of building a more enlightened way of working where everyone can unleash their creative potential without constraints.</span></p> <p><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">As a Security Engineer, you'll safeguard our digital ecosystem alongside a diverse team of professionals dedicated to protecting our products and users. Trusted by millions, our mission is to integrate security seamlessly into Dropbox, empowering confident collaboration. Join us in owning a range of security projects, fostering innovation and growth in a collaborative environment.</span></p> <div> <p><span class=" author-d-iz88z86z86za0dz67zz78zz78zz74zz68zjz80zz71z9iz90z95lz89zy6z71zz79zz84zz68zyz69zupz72zz79zcz69zz76zkz79zp1z66ztz67zxz71zz89zz86zz71z">Our Engineering Career Framework is </span><span class="attrlink url author-d-iz88z86z86za0dz67zz78zz78zz74zz68zjz80zz71z9iz90z95lz89zy6z71zz79zz84zz68zyz69zupz72zz79zcz69zz76zkz79zp1z66ztz67zxz71zz89zz86zz71z"><a class="attrlink" href="https://dropbox.github.io/dbx-career-framework/" target="_blank" data-target-href="https://dropbox.github.io/dbx-career-framework/"><u>viewable by anyone outside the company</u></a></span><span class=" author-d-iz88z86z86za0dz67zz78zz78zz74zz68zjz80zz71z9iz90z95lz89zy6z71zz79zz84zz68zyz69zupz72zz79zcz69zz76zkz79zp1z66ztz67zxz71zz89zz86zz71z"> and describes what’s expected for our engineers at each of our career levels. Check out our blog post on this topic and more </span><span class="attrlink url author-d-iz88z86z86za0dz67zz78zz78zz74zz68zjz80zz71z9iz90z95lz89zy6z71zz79zz84zz68zyz69zupz72zz79zcz69zz76zkz79zp1z66ztz67zxz71zz89zz86zz71z"><a class="attrlink" href="https://dropbox.tech/culture/sharing-our-engineering-career-framework-with-the-world" target="_blank" data-target-href="https://dropbox.tech/culture/sharing-our-engineering-career-framework-with-the-world">here</a></span><span class=" author-d-iz88z86z86za0dz67zz78zz78zz74zz68zjz80zz71z9iz90z95lz89zy6z71zz79zz84zz68zyz69zupz72zz79zcz69zz76zkz79zp1z66ztz67zxz71zz89zz86zz71z">.</span></p> </div> <h2>Responsibilities</h2> <ul> <li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">Design, deploy, and operate security controls for Dropbox’s AI and agentic infrastructure, including model gateways, inference services, vector stores, retrieval systems, and supporting cloud and Kubernetes platforms.</span></li> <li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">Implement least-privilege and secure-execution patterns for AI agents, including per-tool authorization, sandboxing, human-in-the-loop approvals for high-impact actions, and separation of policy validation from execution. </span></li> <li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">Lead security implementation for AI tool and agent connectivity layers, including MCP gateway deployments, with controls for OAuth-based authorization, scope minimization, token audience validation, origin validation, replay protection, and secure isolation between trusted and untrusted tool domains. </span></li> <li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">Deploy, build, and/or operate security infrastructure solutions to help scale</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify"> and raise</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z"> the security </span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">bar for Dropbox’s on-prem and cloud infrastructure.</span></li> <li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">Automate security controls using scripting to eliminate redundant work and minimize need for human involvement.</span></li> <li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">Collaborate with </span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">cross functional </span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">teams and lead security initiatives to influence product decisions and enhance security posture.</span></li> </ul> <p><span class="thread-348589118974529206372994 attrcomment attrcommentfirst thread-348589118974529206372994-first author-d-iz88z86z86za0dz67zz78zz78zz74zz68zjz80zz71z9iz90z95lz89zy6z71zz79zz84zz68zyz69zupz72zz79zcz69zz76zkz79zp1z66ztz67zxz71zz89zz86zz71z"><span class=" author-d-iz88z86z86za0dz67zz78zz78zz74zz68zjz80zz71z9iz90z9z84zyz72zz70zz71zz72zhwl8r6xz85zr3z69z6z86zz78zz76zcfvdsgm4t">Many teams at Dropbox run Services with on-call rotations, which entails being available for calls during both core and non-core business hours. If a team has an on-call rotation, all engineers on the team are expected to participate in the rotation as part of their employment. Applicants are encouraged to ask for more details of the rotations to which the applicant is applying.</span></span></p> <h2>Requirements</h2> <ul> <li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">9</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz81zz86z9z90zz78zpz67zz74zz66zz85zy1z82zkz89zz89zt8z83zz65zz83z6z85zz78z8z77zz70zlz68zz81z7">+</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z"> years of Security experience or related industry experience, demonstrating impactful contributions to security strategies.</span></li> <li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">Bachelor's degree in Computer Science, Information Security, or related field, or equivalent experience, with coding proficiency.</span></li> <li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">Experience securing LLM, RAG, or agentic AI systems in production, with hands-on implementation of controls for prompt injection, sensitive-data disclosure, excessive agency, data or model poisoning, and AI supply-chain risk. </span></li> <li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">Experience designing identity and authorization for non-human workloads and agents using technologies such as SPIFFE/SPIRE, OAuth 2.1 or OIDC, AWS IRSA, Google Workload Identity Federation, Azure managed identities, or equivalent patterns. </span></li> <li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">Integrate adversarial testing and release gates for AI systems into CI/CD, including regression coverage for prompt injection, tool abuse, memory poisoning, approval bypass, and multi-agent escalation scenarios. </span></li> <li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">Solid knowledge of Linux fundamentals including system administration, security, networking, scripting, and troubleshooting.</span></li> <li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz81zz86z9z90zz78zpz67zz74zz66zz85zy1z82zkz89zz89zt8z83zz65zz83z6z85zz78z8z77zz70zlz68zz81z7">Proficiency using one or more scripting or high-level languages to automate tasks, manipulate data, or build small systems e.g. Bash, Python, Go, Rust, Ruby, NodeJS, C/C++, Java.</span></li> </ul> <h2>Preferred Qualifications</h2> <ul> <li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">Experience securing MCP-based systems or similar AI agent and tool protocols. </span></li> <li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">Experience with multi-agent security controls such as trust boundaries, signed inter-agent messaging, and circuit breakers. </span></li> <li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">Familiarity with NIST AI RMF, NIST SP 800-218A, MITRE ATLAS, CSA AICM, and OWASP LLM and agentic security guidance. </span></li> <li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">Experience with security tools such as </span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz81zz66z29z66zfz77zz73zaz83zz88zz66zprz79zz65z8z73z4hz79zuz86zz85zz78zwz81ztz72z0h">T</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">eleport, </span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz81zz66z29z66zfz77zz73zaz83zz88zz66zprz79zz65z8z73z4hz79zuz86zz85zz78zwz81ztz72z0h">C</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">rowd</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz81zz66z29z66zfz77zz73zaz83zz88zz66zprz79zz65z8z73z4hz79zuz86zz85zz78zwz81ztz72z0h">S</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">trike, </span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz81zz66z29z66zfz77zz73zaz83zz88zz66zprz79zz65z8z73z4hz79zuz86zz85zz78zwz81ztz72z0h">P</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">roofpoint, IPS/IDS, SIEM or SOAR.</span></li> <li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">Certifications such as CISSP, CISM, or equivalent.</span></li> </ul> <h2 data-usually-unique-id="044234883370604133046166"><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz81zqz90zkz74zz76zeez80zz68zz89zz88zvqz86zuxlz73zexxz80zz73z6d6z72zz79zsz77z">Compensation</span></h2><div class="content-pay-transparency"><div class="pay-input"><div class="title">Canada Pay Range</div><div class="pay-range"><span>$205,700</span><span class="divider">—</span><span>$278,300 CAD</span></div></div></div>
Ready to reach the decision-maker?
Set this role as a target and your agent does the sourcing, finds the verified email, writes the pitch, and follows up — on autopilot.
Start your hunt