Original listing text, shown exactly as published by the company.
Responsibilities
- Design, deploy and operate infrastructure-level security controls for Dropbox's AI and agentic infrastructure, including cloud infrastructure, Kubernetes and data stores.
- Design and implement secure authentication, authorization and networking patterns for AI agents and other non-human actors
- Lead security implementation for secure usage of AI tools and governance.
- Maintain a high and continuously improving bar for the security of Dropbox infrastructure in order to protect customer data.
- Review the current and upcoming infrastructure stack from a security perspective and provide hardening mechanisms and recommendations.
- Deploy, build, and/or operate security infrastructure solutions to help scale and raise the security bar for Dropbox’s on-prem and cloud infrastructure.
- Collaborate with cross functional teams and lead security initiatives to influence product decisions and enhance security posture.
Many teams at Dropbox run Services with on-call rotations, which entails being available for calls during both core and non-core business hours. If a team has an on-call rotation, all engineers on the team are expected to participate in the rotation as part of their employment. Applicants are encouraged to ask for more details of the rotations to which the applicant is applying.
Requirements
- 9+ years of Security experience or related industry experience, demonstrating impactful contributions to security strategies.
- Bachelor's degree in Computer Science, Information Security, or related field, or equivalent experience, with coding proficiency.
- Experience in securing agentic AI systems with hands-on implementation of security controls targeting AI-specific vulnerabilities like prompt injection, data or model poisoning, and AI supply-chain risk.
- Experience in designing and implementing identity and authorization for non-human workloads and agents using modern frameworks such as SPIFFE/SPIRE, OAuth 2.1, OIDC, or cloud provider equivalents.
- Experience implementing policy-as-code, infrastructure-as-code, and security automation for cloud and AI platforms.
- Experience with cloud security technologies for providers like Amazon Web Services (AWS), Google Cloud Platform (GCP) or Microsoft Azure.
- Proficiency using one or more scripting or high-level languages to automate tasks, manipulate data, or build small systems e.g. Bash, Python, Go, Rust, Ruby, NodeJS, C/C++, Java.
Preferred Qualifications
- Experience securing MCP-based systems or similar AI agent and tool protocols.
- Experience with multi-agent security controls such as trust boundaries, signed inter-agent messaging, and circuit breakers.
- Familiarity with NIST AI RMF, NIST SP 800-218A, OWASP LLM and agentic security guidance.
- Experience in Kubernetes and container security.
- Experience with security tools such as Teleport, CrowdStrike, Proofpoint, IPS/IDS, SIEM or SOAR.
- Certifications such as CISSP, CISM, or equivalent.…
