Dropbox is a Virtual First company. For this role, we are hiring in Zones 2 and 3. Please refer to our Compensation section below to see what neighborhoods fall under each Zone.
Role Description
At Dropbox, we believe in simplifying the way people work together. We provide a range of innovative cloud-based solutions to empower individuals and businesses to share, access, and collaborate on their files seamlessly. Security plays a pivotal role in shaping our mission of building a more enlightened way of working where everyone can unleash their creative potential without constraints.
As a Security Engineer, you'll safeguard our digital ecosystem alongside a diverse team of professionals dedicated to protecting our products and users. Trusted by millions, our mission is to integrate security seamlessly into Dropbox, empowering confident collaboration. Join us in owning a range of security projects, fostering innovation and growth in a collaborative environment.
Our Engineering Career Framework is viewable by anyone outside the company and describes what’s expected for our engineers at each of our career levels. Check out our blog post on this topic and more here.
Responsibilities
- Design, deploy, and operate security controls for Dropbox’s AI and agentic infrastructure, including model gateways, inference services, vector stores, retrieval systems, and supporting cloud and Kubernetes platforms.
- Implement least-privilege and secure-execution patterns for AI agents, including per-tool authorization, sandboxing, human-in-the-loop approvals for high-impact actions, and separation of policy validation from execution.
- Lead security implementation for AI tool and agent connectivity layers, including MCP gateway deployments, with controls for OAuth-based authorization, scope minimization, token audience validation, origin validation, replay protection, and secure isolation between trusted and untrusted tool domains.
- Deploy, build, and/or operate security infrastructure solutions to help scale and raise the security bar for Dropbox’s on-prem and cloud infrastructure.
- Automate security controls using scripting to eliminate redundant work and minimize need for human involvement.
- Collaborate with cross functional teams and lead security initiatives to influence product decisions and enhance security posture.
Many teams at Dropbox run Services with on-call rotations, which entails being available for calls during both core and non-core business hours. If a team has an on-call rotation, all engineers on the team are expected to participate in the rotation as part of their employment. Applicants are encouraged to ask for more details of the rotations to which the applicant is applying.
Requirements
- 9+ years of Security experience or related industry experience, demonstrating impactful contributions to security strategies.
- Bachelor's degree in Computer Science, Information Security, or related field, or equivalent experience, with coding proficiency.
- Experience securing LLM, RAG, or agentic AI systems in production, with hands-on implementation of controls for prompt injection, sensitive-data disclosure, excessive agency, data or model poisoning, and AI supply-chain risk.
- Experience designing identity and authorization for non-human workloads and agents using technologies such as SPIFFE/SPIRE, OAuth 2.1 or OIDC, AWS IRSA, Google Workload Identity Federation, Azure managed identities, or equivalent patterns.
- Integrate adversarial testing and release gates for AI systems into CI/CD, including regression coverage for prompt injection, tool abuse, memory poisoning, approval bypass, and multi-agent escalation scenarios.
- Solid knowledge of Linux fundamentals including system administration, security, networking, scripting, and troubleshooting.
- Proficiency using one or more scripting or high-level languages to automate tasks, manipulate data, or build small systems e.g. Bash, Python, Go, Rust, Ruby, NodeJS, C/C++, Java.
Preferred Qualifications
- Experience securing MCP-based systems or similar AI agent and tool protocols.
- Experience with multi-agent security controls such as trust boundaries, signed inter-agent messaging, and circuit breakers.
- Familiarity with NIST AI RMF, NIST SP 800-218A, MITRE ATLAS, CSA AICM, and OWASP LLM and agentic security guidance.
- Experience with security tools such as Teleport, CrowdStrike, Proofpoint, IPS/IDS, SIEM or SOAR.
- Certifications such as CISSP, CISM, or equivalent.
Compensation
US Zone 1
This role is not available in Zone 1
US Zone 2
$214,200—$289,800 USD
US Zone 3
$190,400—$257,600 USD
Salary/OTE is just one component of Dropbox’s total rewards package. All regular employees are also eligible for the corporate bonus program or a sales incentive (target included in OTE) as well as stock in the form of Restricted Stock Units (RSUs).
Dropbox takes a number of factors into account when determining individual starting pay, including job and level they are hired into, location/metropolitan area, skillset, and peer compensation. We target most new hire offers between the minimum up to the middle of the range.
Dropbox uses the zip code of an employee’s remote work location to determine which metropolitan pay range we use. Current US Zone locations are as follows:
- US Zone 1: San Francisco metro, New York City metro, or Seattle metro
- US Zone 2: California (outside SF metro), Colorado, Connecticut (outside NYC metro), Delaware, Illinois (Chicago metro), Indiana (Chicago metro), Maryland, Massachusetts, Michigan (Chicago metro), New Hampshire, New Jersey (outside NYC metro), New York (outside NYC metro), Oregon, Pennsylvania (D.C. metro), Pennsylvania (outside NYC metro), Texas (Austin metro) Virginia (DC metro), Washington (outside Seattle metro), Washington DC metro, West Virginia (DC metro), Wisconsin (Chicago metro)
- US Zone 3: All other US locations
Company Description
Dropbox isn’t just a workplace—it’s a living lab for designing a more enlightened way of working. We’re a global community of bold visionaries and resourceful doers shaping the future of Dropbox and, in turn, the future of work. Our Virtual First model combines the autonomy of a distributed workplace with the power of human connection, creating space for meaningful work and lasting relationships. With a startup mindset and enterprise-level opportunities, we expect Dropbox employees to think critically, stay curious, and use modern tools, including AI, to improve how work gets done. Here, you can be who you are and grow into who you’re meant to be. You own your impact, helping make work more intuitive, joyful, and human for yourself and hundreds of millions of people worldwide. If you’re ready to push boundaries and challenge yourself, Dropbox is ready for you.
Team Description
The Dropbox Engineering Team develops the technology, platforms, and products that create more enlightened ways of working for hundreds of millions of people. Customers rely on Dropbox to manage, share, and collaborate on content seamlessly—our engineering makes that easier and more intuitive than ever before.Our platform features a robust systems software layer that stores and processes exabytes of data, and a suite of growing services that enhance core products like our sharing and sync engine. We’re also driving innovation with new offerings such as Dash, our AI-powered knowledge management engine. Our infrastructure spans high-performance servers and cutting-edge components across multiple data centers worldwide, ensuring reliability, speed, and scalability at a global scale. We think like a startup but build for an enterprise, exploring new possibilities that transform how people work. If you're excited about turning complex technical challenges into intuitive solutions at scale, join our Engineering team.
Virtual First
Dropbox’s Virtual First way of working is designed to help people do their best work with flexibility, autonomy, and connection. Day to day, teams work remotely with nonlinear schedules and core collaboration hours that support deep focus and individual working styles. We prioritize asynchronous communication to improve clarity, respect deep work time, and reduce unnecessary meetings. While remote work is the primary experience for our employees, we also prioritize intentional, in-person connection. We bring teams together through regular team gatherings, on-demand workspaces, and Dropbox Neighborhood events in order to strengthen team cohesion, foster creativity, and enhance momentum. Virtual First is built to provide the same access to opportunity, growth, and impact for everyone, regardless of location.
This role requires travel to offsites and various other team gatherings (approximately 5-10% of the year or 2-3 days per quarter). We provide advance notice when possible and encourage candidates to discuss any accommodation needs during the interview process.
AI Fluency
- Ownership: You use AI responsibly by protecting data, applying sound judgment, and taking accountability for the quality and accuracy of your work.
- Experimentation: You explore new AI capabilities and apply them to improve workflows within approved tools and practices.
- Leverage: You use AI to enhance thinking, improve efficiency, and increase your impact and your team’s.
- Learning: You stay current on emerging AI tools and trends, continuously build your skills, and share what you learn with others.
Dropbox is an equal opportunity employer. We are a welcoming place for everyone, and we do our best to make sure all people feel supported and connected at work.