The Staff Security Engineer at LiveKit is not just focused on running scans or writing policies; they are expected to be a hands-on engineer who can think like both a builder and a breaker.
The role involves getting deep into the stack, including API endpoints, container images, and browser sandboxes.
The engineer will own security across the stack, which includes applications, services, infrastructure, and developer workflows.
Responsibilities include proactively identifying, assessing, and mitigating risks in both infrastructure and application codebases.
The engineer will lead secure code reviews, architecture discussions, and threat modeling sessions.
They will build tooling and automations to prevent security issues before they reach production.
The role requires hardening authentication and access control across internal and external surfaces.
The engineer will partner closely with other engineers to design secure-by-default APIs, workflows, and deployments.
Investigating vulnerabilities, responding to security incidents, and managing disclosure processes are also key responsibilities.
Staying current with security research, tooling, and threats is essential, and the engineer is expected to put that knowledge into action.
Requirements:
Candidates should be hands-on engineers who understand security from first principles.
A minimum of 6 years of experience as a software engineer with an interest in security engineering is required.
Applicants should have led or heavily contributed to security engineering efforts across applications, infrastructure, or both.
The ability to analyze systems for weaknesses in business logic, configuration, or code is necessary.
Experience with threat modeling, secure coding practices, and vulnerability management is required.
Familiarity with CI/CD systems, cloud platforms (such as AWS, GCP), and containerized environments is essential.
Candidates must be able to translate security concerns into engineering action without being the “no” person.
Excellent communication and collaboration skills are required, along with the ability to document and evangelize best practices.
Experience responding to real-world security incidents, leading postmortems, or driving remediation efforts is necessary.
Benefits:
LiveKit offers a competitive salary and equity package.
Health, dental, and vision benefits are provided.
The company offers flexible vacation policies.
A remote-friendly work environment is available, with necessary equipment provided.
