MLW LogoMost Loved Workplace® Certified Job

Senior Infrastructure Security Engineer

MLW LogoAssessed by Most Loved Workplace®
92% of candidates apply because they are a Most Loved Workplace®
Remote - Canada: Select locations
Security (Sub Team)
This position may no longer be active.View all open positions at Dropbox

About the Role

At Dropbox, a Most Loved Workplace® certified employer in the Software space, Design a more enlightened way of working for everyone, everywhere.

<h2>Role Description</h2>

<p><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">At Dropbox, we believe in simplifying the way people work together. We provide a range of innovative cloud-based solutions to empower individuals and businesses to share, access, and collaborate on their files seamlessly. Security plays a pivotal role in shaping our mission of building a more enlightened way of working where everyone can unleash their creative potential without constraints.</span></p>

<p><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">As a Security Engineer, you'll safeguard our digital ecosystem alongside a diverse team of professionals dedicated to protecting our products and users. Trusted by millions, our mission is to integrate security seamlessly into Dropbox, empowering confident collaboration. Join us in owning a range of security projects, fostering innovation and growth in a collaborative environment.</span></p>

<div>

<p><span class=" author-d-iz88z86z86za0dz67zz78zz78zz74zz68zjz80zz71z9iz90z95lz89zy6z71zz79zz84zz68zyz69zupz72zz79zcz69zz76zkz79zp1z66ztz67zxz71zz89zz86zz71z">Our Engineering Career Framework is </span><span class="attrlink url author-d-iz88z86z86za0dz67zz78zz78zz74zz68zjz80zz71z9iz90z95lz89zy6z71zz79zz84zz68zyz69zupz72zz79zcz69zz76zkz79zp1z66ztz67zxz71zz89zz86zz71z"><a class="attrlink" href="https://Dropbox.github.io/dbx-career-framework/" target="_blank" data-target-href="https://Dropbox.github.io/dbx-career-framework/"><u>viewable by anyone outside Dropbox</u></a></span><span class=" author-d-iz88z86z86za0dz67zz78zz78zz74zz68zjz80zz71z9iz90z95lz89zy6z71zz79zz84zz68zyz69zupz72zz79zcz69zz76zkz79zp1z66ztz67zxz71zz89zz86zz71z"> and describes what’s expected for our engineers at each of our career levels. Check out our blog post on this topic and more </span><span class="attrlink url author-d-iz88z86z86za0dz67zz78zz78zz74zz68zjz80zz71z9iz90z95lz89zy6z71zz79zz84zz68zyz69zupz72zz79zcz69zz76zkz79zp1z66ztz67zxz71zz89zz86zz71z"><a class="attrlink" href="https://Dropbox.tech/culture/sharing-our-engineering-career-framework-with-the-world" target="_blank" data-target-href="https://Dropbox.tech/culture/sharing-our-engineering-career-framework-with-the-world">here</a></span><span class=" author-d-iz88z86z86za0dz67zz78zz78zz74zz68zjz80zz71z9iz90z95lz89zy6z71zz79zz84zz68zyz69zupz72zz79zcz69zz76zkz79zp1z66ztz67zxz71zz89zz86zz71z">.</span></p>

</div>

<h2>Responsibilities</h2>

<ul>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">Design, deploy and operate infrastructure-level security controls for Dropbox's AI and agentic infrastructure, including cloud infrastructure, Kubernetes and data stores.</span></li>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">Design and implement secure authentication, authorization and networking patterns for AI agents and other non-human actors</span></li>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">Lead security implementation for secure usage of AI tools and governance.</span></li>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">Maintain a high and continuously improving bar for the security of Dropbox infrastructure in order to protect customer data.</span></li>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">Review the current and upcoming infrastructure stack from a security perspective and provide hardening mechanisms and</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z"><strong> </strong></span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">recommendations.</span></li>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">Deploy, build, and/or operate security infrastructure solutions to help scale</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify"> and raise</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z"> the security </span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">bar for Dropbox’s on-prem and cloud infrastructure.</span></li>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">Collaborate with </span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">cross functional </span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">teams and lead security initiatives to influence product decisions and enhance security posture.</span></li>

</ul>

<p><span class="thread-348589118974529206372994 attrcomment attrcommentfirst thread-348589118974529206372994-first author-d-iz88z86z86za0dz67zz78zz78zz74zz68zjz80zz71z9iz90z95lz89zy6z71zz79zz84zz68zyz69zupz72zz79zcz69zz76zkz79zp1z66ztz67zxz71zz89zz86zz71z"><span class=" author-d-iz88z86z86za0dz67zz78zz78zz74zz68zjz80zz71z9iz90z9z84zyz72zz70zz71zz72zhwl8r6xz85zr3z69z6z86zz78zz76zcfvdsgm4t">Many teams at Dropbox run Services with on-call rotations, which entails being available for calls during both core and non-core business hours. If a team has an on-call rotation, all engineers on the team are expected to participate in the rotation as part of their employment. Applicants are encouraged to ask for more details of the rotations to which the applicant is applying.</span></span></p>

<h2>Requirements</h2>

<ul>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">9</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz81zz86z9z90zz78zpz67zz74zz66zz85zy1z82zkz89zz89zt8z83zz65zz83z6z85zz78z8z77zz70zlz68zz81z7">+</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z"> years of Security experience or related industry experience, demonstrating impactful contributions to security strategies.</span></li>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">Bachelor's degree in Computer Science, Information Security, or related field, or equivalent experience, with coding proficiency.</span></li>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">Experience in s</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">ecuring agentic AI systems with hands-on implementation of security controls targeting AI-specific vulnerabilities like prompt injection, data or model poisoning, and AI supply-chain risk.</span></li>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">Experience in d</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">esigning and implementing identity and authorization for non-human workloads and agents using modern frameworks such as SPIFFE/SPIRE, OAuth 2.1, OIDC, or cloud provider equivalents.</span></li>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">Experience implementing policy-as-code, infrastructure-as-code, and security automation for cloud and AI platforms.</span></li>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">Experience </span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">with </span><span class="thread-000395457356270401102634 author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">cloud security</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify"> technologies for providers like Amazon Web Services</span> <span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify h-lparen">(AWS),</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify"> Google Cloud Platform</span> <span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify h-lparen">(GCP)</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify"> or Microsoft Azure.</span></li>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz81zz86z9z90zz78zpz67zz74zz66zz85zy1z82zkz89zz89zt8z83zz65zz83z6z85zz78z8z77zz70zlz68zz81z7">Proficiency using one or more scripting or high-level languages to automate tasks, manipulate data, or build small systems e.g. Bash, Python, Go, Rust, Ruby, NodeJS, C/C++, Java.</span></li>

</ul>

<h2>Preferred Qualifications</h2>

<ul>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">Experience securing MCP-based systems or similar AI agent and tool protocols. </span></li>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">Experience with multi-agent security controls such as trust boundaries, signed inter-agent messaging, and circuit breakers. </span></li>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">Familiarity with NIST AI RMF, NIST SP 800-218A, OWASP LLM and agentic security guidance. </span></li>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">Experience in </span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz81zz66z29z66zfz77zz73zaz83zz88zz66zprz79zz65z8z73z4hz79zuz86zz85zz78zwz81ztz72z0h">K</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">ubernetes and container security.</span></li>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">Experience with security tools such as </span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz81zz66z29z66zfz77zz73zaz83zz88zz66zprz79zz65z8z73z4hz79zuz86zz85zz78zwz81ztz72z0h">T</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">eleport, </span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz81zz66z29z66zfz77zz73zaz83zz88zz66zprz79zz65z8z73z4hz79zuz86zz85zz78zwz81ztz72z0h">C</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">rowd</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz81zz66z29z66zfz77zz73zaz83zz88zz66zprz79zz65z8z73z4hz79zuz86zz85zz78zwz81ztz72z0h">S</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">trike, </span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz81zz66z29z66zfz77zz73zaz83zz88zz66zprz79zz65z8z73z4hz79zuz86zz85zz78zwz81ztz72z0h">P</span><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qovukz87zz90zxpkuz122zz80zsz67zz122zm5fxz70zz77zfdz84zz70z4sgz89zcify">roofpoint, IPS/IDS, SIEM or SOAR.</span></li>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">Certifications such as CISSP, CISM, or equivalent.</span></li>

<li><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz80ziz90zz66z78z76zz71zdz75zz89ztz80zlz90zz86zlisz88zz68zz88zoz83zz89zgz87zslz76zz80z">Involvement in security community activities, conferences, or publications.</span></li>

</ul>

<h2 data-usually-unique-id="044234883370604133046166"><span class=" author-d-1gg9uz65z1iz85zgdz68zmqkz84zo2qowz81zqz90zkz74zz76zeez80zz68zz89zz88zvqz86zuxlz73zexxz80zz73z6d6z72zz79zsz77z">Compensation</span></h2><div class="content-pay-transparency"><div class="pay-input"><div class="title">Canada Pay Range</div><div class="pay-range"><span>$205,700</span><span class="divider">—</span><span>$278,300 CAD</span></div></div></div>

Want to learn more about what it's like to work at Dropbox? View our full profile.

MLW Logo

Why This Is a Most Loved Workplace® Certified Job

What It's Like to Work Here

Users Connection Over Distance
Zap Frictionless Execution
Lightbulb Creative Problem-Solving
Heart Holistic Employee Care
Target Mission-Driven Work
Handshake Trust-Based Culture

Frequently Asked Questions About Working at Dropbox

Common questions candidates ask about this role and Dropbox's workplace

Dropbox is a cloud storage solution, equipped with features to help you save time, improve your productivity and collaborate with others.

This position is listed as remote based on the job location.

Salary information may vary by role and location. Please check the specific job listing or discuss compensation during the interview process.

Dropbox is an established organization in its industry. The company focuses on maintaining a supportive workplace culture for all employees.

Key benefit categories include: Health & Wellness, Financial & Retirement, Family Support, Time Off & Flexibility, Learning & Development. You can view more details on their CertCheck profile.

The day-to-day environment is guided by core values such as Connection Over Distance and Frictionless Execution and Creative Problem-Solving.

The company has committed to inclusive practices including: Empower Human-Centered Collaboration and Support Comprehensive Employee Wellbeing.

Dropbox has a supportive and collaborative culture, recognized as a loved place to work by its team members.

Dropbox currently has 51 open positions. They are hiring across departments like Direct Sales - AMER (Sub Team), Communications (Sub Team), CTO-Data Science, AI Platform & Eng (Sub Team). You can view all current openings at certcheck.mostlovedworkplace.com/companies/dropbox/jobs.

The interview process typically involves an initial recruiter screen followed by team interviews. Please contact Dropbox's recruiting team for specific details on this role's process.

Apply for Senior Infrastructure Security Engineer

Submit your application directly to the Dropbox team. Let them know why you'd be a great addition to their loved place to work.

Most Loved Workplace® Logo
Powered by Most Loved Workplace®

The global standard for company culture certification and employer of choice visibility.

Learn more about Most Loved Workplace®