Security Engineer, Detection and Response Team
Dublin, Ireland
About Us:
We're on a mission to make it possible for every person, team, and company to tailor their software to solve any problem and take on any challenge. At Notion, we want to change this with focus, design, and craft.
We've been working on this together since 2016, with customers like Pixar, Mitsubishi, Figma, Plaid, Match Group, and thousands more. Today, we're growing fast and excited for new teammates who are the best at what they do. We're passionate about building a company as diverse and creative as the millions of people Notion reaches worldwide.
Notion is an in-person company, requiring employees to come to the office for two Anchor Days (Mondays & Thursdays) and spend the majority of their week in the office.
About The Role:
Millions of people use Notion, and this number is increasing every day. Our users depend on us to deliver a secure and trustworthy experience. Notion is looking for a talented Security Engineer with solid communication and analytical skills to help improve and optimize our security monitoring program. We seek someone with technical ability and attention to detail, who can function comfortably in various cyber security disciplines.
If you're passionate about data privacy and security, understand the security monitoring process, and enjoy designing creative approaches to provide effective security monitoring at scale, this could be the opportunity you’ve been looking for.
Notion’s Security team builds and evolves our detection, response, and security automation capabilities to protect our users and data. We proactively monitor, detect, and investigate threats across Notion’s cloud-native environment, ensuring a resilient security posture.
What You'll Achieve:
* Design and implement advanced detections, automate security workflows, lead incident investigations, and conduct proactive threat hunts to identify and mitigate risks.
* Lead detection engineering efforts, designing scalable, high-fidelity security detections across cloud, endpoint, and application environments.
* Develop automation & orchestration solutions to improve response and containment times.
* Own and drive incident response, leading major security incidents, containment, and remediation efforts.
* Conduct proactive threat hunting, leveraging threat intelligence to detect hidden adversary activity.
* Reverse-engineer attacks, analyzing adversary behavior and developing robust detection strategies.
* Continuously improve security defenses, applying lessons learned from incidents and emerging threat trends.
Skills You'll Need to Bring:
* 5+ years of experience in security detection, response, or related fields.
* Strong ability to write, tune, and optimize detections across various platforms (e.g., EDR, SIEM, network monitoring).
* Proficiency in scripting and automation (Python, Go, or similar).
* Experience with detection rule development (Sigma, YARA, Splunk SPL, KQL).
* Deep expertise in the incident response lifecycle, including investigation, containment, and remediation.
* Experience securing cloud-native environments (AWS, GCP, or Azure).
* Ability to assess security gaps and propose detection & response improvements.
* Team player: Thrive in a team environment, collaborating cross-functionally.
Nice to Haves:
* Experience leading large-scale security initiatives or driving security automation programs.
* Background in red teaming, adversary emulation, or offensive security.
* Involvement in the security community, such as conference presentations or open-source contributions.
We encourage you to apply even if you don’t meet every single qualification. The right candidate is more than a checklist—we’re looking for curious, security-minded individuals who are excited about Detection & Response.
Notion is proud to be an equal opportunity employer. We do not discriminate in hiring based on race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, genetic information, veteran status, gender identity or expression, sexual orientation, or other legally protected characteristic.
#J-18808-Ljbffr