Logo for Dropbox

Senior Infrastructure Security Engineer

Role overview

Qualifications

  • 9+ years of Security experience or related industry experience
  • Bachelor's degree in Computer Science, Information Security, or related field, or equivalent experience
  • Experience securing LLM, RAG, or agentic AI systems in production
  • Solid knowledge of Linux fundamentals including system administration, security, networking, scripting, and troubleshooting

Responsibilities

  • Design, deploy, and operate security controls for Dropbox’s AI and agentic infrastructure
  • Implement least-privilege and secure-execution patterns for AI agents
  • Lead security implementation for AI tool and agent connectivity layers
  • Automate security controls using scripting to eliminate redundant work

Key facts

Other skills

  • Collaboration
  • Problem Solving

About the company

Dropbox logo

Dropbox

Dropbox is the one place to keep life organized and keep work moving. With more than 700 million registered users across 180 countries, we're on a mission to design a more enlightened way of working. Dropbox is headquartered in San Francisco, CA, and has offices around the world. To learn more about working at Dropbox, visit dropbox.com/jobs We also have a few simple guidelines to keep this space respectful and productive. Please avoid: - Harassing other people or using language that’s hateful, offensive, vulgar, or advocates violence - Trolling, fraud and spamming - Violating someone else’s rights or privacy - Advertising or soliciting donations - Link baiting - Posting off topic comments or thread hijacking We may remove comments that violate these guidelines.

Company details

Company typeLarge
Company size1001 - 5000

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

Role Description

At Dropbox, we believe in simplifying the way people work together. We provide a range of innovative cloud-based solutions to empower individuals and businesses to share, access, and collaborate on their files seamlessly. Security plays a pivotal role in shaping our mission of building a more enlightened way of working where everyone can unleash their creative potential without constraints.

As a Security Engineer, you'll safeguard our digital ecosystem alongside a diverse team of professionals dedicated to protecting our products and users. Trusted by millions, our mission is to integrate security seamlessly into Dropbox, empowering confident collaboration. Join us in owning a range of security projects, fostering innovation and growth in a collaborative environment.

Our Engineering Career Framework is viewable by anyone outside the company and describes what’s expected for our engineers at each of our career levels. Check out our blog post on this topic and more here.

Responsibilities

  • Design, deploy, and operate security controls for Dropbox’s AI and agentic infrastructure, including model gateways, inference services, vector stores, retrieval systems, and supporting cloud and Kubernetes platforms.
  • Implement least-privilege and secure-execution patterns for AI agents, including per-tool authorization, sandboxing, human-in-the-loop approvals for high-impact actions, and separation of policy validation from execution. 
  • Lead security implementation for AI tool and agent connectivity layers, including MCP gateway deployments, with controls for OAuth-based authorization, scope minimization, token audience validation, origin validation, replay protection, and secure isolation between trusted and untrusted tool domains. 
  • Deploy, build, and/or operate security infrastructure solutions to help scale and raise the security bar for Dropbox’s on-prem and cloud infrastructure.
  • Automate security controls using scripting to eliminate redundant work and minimize need for human involvement.
  • Collaborate with cross functional teams and lead security initiatives to influence product decisions and enhance security posture.

Many teams at Dropbox run Services with on-call rotations, which entails being available for calls during both core and non-core business hours. If a team has an on-call rotation, all engineers on the team are expected to participate in the rotation as part of their employment. Applicants are encouraged to ask for more details of the rotations to which the applicant is applying.

Requirements

  • 9+ years of Security experience or related industry experience, demonstrating impactful contributions to security strategies.
  • Bachelor's degree in Computer Science, Information Security, or related field, or equivalent experience, with coding proficiency.
  • Experience securing LLM, RAG, or agentic AI systems in production, with hands-on implementation of controls for prompt injection, sensitive-data disclosure, excessive agency, data or model poisoning, and AI supply-chain risk. 
  • Experience designing identity and authorization for non-human workloads and agents using technologies such as SPIFFE/SPIRE, OAuth 2.1 or OIDC, AWS IRSA, Google Workload Identity Federation, Azure managed identities, or equivalent patterns. 
  • Integrate adversarial testing and release gates for AI systems into CI/CD, including regression coverage for prompt injection, tool abuse, memory poisoning, approval bypass, and multi-agent escalation scenarios. 
  • Solid knowledge of Linux fundamentals including system administration, security, networking, scripting, and troubleshooting.
  • Proficiency using one or more scripting or high-level languages to automate tasks, manipulate data, or build small systems e.g. Bash, Python, Go, Rust, Ruby, NodeJS, C/C++, Java.

Preferred Qualifications

  • Experience securing MCP-based systems or similar AI agent and tool protocols. 
  • Experience with multi-agent security controls such as trust boundaries, signed inter-agent messaging, and circuit breakers. 
  • Familiarity with NIST AI RMF, NIST SP 800-218A, MITRE ATLAS, CSA AICM, and OWASP LLM and agentic security guidance. 
  • Experience with security tools such as Teleport, CrowdStrike, Proofpoint, IPS/IDS, SIEM or SOAR.
  • Certifications such as CISSP, CISM, or equivalent.

Compensation

US Zone 1

This role is not available in Zone 1

US Zone 2
$214,200$289,800 USD
US Zone 3
$190,400$257,600 USD

Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
·

Security Engineer Related jobs

Other jobs at Dropbox

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.