Welcome to RemoteYeah 2.0! Find out more about the new version here.

Remote Staff Security Engineer

at LiveKit

Posted 13 hours ago 1 applied

Description:

  • The Staff Security Engineer at LiveKit is not just focused on running scans or writing policies; they are expected to be a hands-on engineer who can think like both a builder and a breaker.
  • The role involves getting deep into the stack, including API endpoints, container images, and browser sandboxes.
  • The engineer will own security across the stack, which includes applications, services, infrastructure, and developer workflows.
  • Responsibilities include proactively identifying, assessing, and mitigating risks in both infrastructure and application codebases.
  • The engineer will lead secure code reviews, architecture discussions, and threat modeling sessions.
  • They will build tooling and automations to prevent security issues before they reach production.
  • The role requires hardening authentication and access control across internal and external surfaces.
  • The engineer will partner closely with other engineers to design secure-by-default APIs, workflows, and deployments.
  • Investigating vulnerabilities, responding to security incidents, and managing disclosure processes are also key responsibilities.
  • Staying current with security research, tooling, and threats is essential, and the engineer is expected to put that knowledge into action.

Requirements:

  • Candidates should be hands-on engineers who understand security from first principles.
  • A minimum of 6 years of experience as a software engineer with an interest in security engineering is required.
  • Applicants should have led or heavily contributed to security engineering efforts across applications, infrastructure, or both.
  • The ability to analyze systems for weaknesses in business logic, configuration, or code is necessary.
  • Experience with threat modeling, secure coding practices, and vulnerability management is required.
  • Familiarity with CI/CD systems, cloud platforms (such as AWS, GCP), and containerized environments is essential.
  • Candidates must be able to translate security concerns into engineering action without being the “no” person.
  • Excellent communication and collaboration skills are required, along with the ability to document and evangelize best practices.
  • Experience responding to real-world security incidents, leading postmortems, or driving remediation efforts is necessary.

Benefits:

  • LiveKit offers a competitive salary and equity package.
  • Health, dental, and vision benefits are provided.
  • The company offers flexible vacation policies.
  • A remote-friendly work environment is available, with necessary equipment provided.