Staff Security Engineer

About LiveKit

LiveKit is building the infrastructure layer for the voice-driven era of computing. Founded in 2021, the platform gives developers everything they need to build, test, deploy, scale, and observe agents in production. LiveKit powers voice AI applications for OpenAI, xAI, Salesforce, Coursera, Spotify, and thousands of others, collectively facilitating billions of calls each year.

About This Role

This isn't one of those roles where "security" means running scans or writing policies that gather dust. We're looking for a real engineer—someone who thinks like a builder and a breaker. Someone who gets deep into the stack, whether it's an API endpoint, a container image, or a browser sandbox. You know how things are supposed to work—and what happens when they don't.

While some security professionals lean toward policy, compliance, or audits (and we value that too), we're after someone who wants to write code, secure systems, dig into strange bugs, and harden the platform from top to bottom. This is not a role for pointing out what needs to be done. It's for someone who's ready to do it.

What You'll Do

• Own security across the full stack—applications, services, infrastructure, and developer workflows
• Proactively identify, assess, and mitigate risks in both infrastructure and application codebases
• Lead secure code reviews, architecture discussions, and threat modeling sessions
• Build tooling and automations that help prevent security issues before they reach production
• Harden authentication and access control across internal and external surfaces
• Partner closely with engineers across teams to design secure-by-default APIs, workflows, and deployments
• Investigate vulnerabilities, respond to security incidents, and manage disclosure processes when needed
• Stay current with security research, tooling, and threats—then put that knowledge into action

About You

You'll thrive in this role if you meet these core qualities:

• Obsess with crafting code that is fast, reliable, and practical for the problem at hand
• Are known as the go-to person for tackling tough technical problems
• Work hard and can build and ship fast
• Can clearly explain complex technical concepts to others
• Are a fast learner, frequently picking up new languages and tools
• Are a hands-on engineer who understands security from first principles
• Have strong experience with secure coding practices and application security testing
• Understand infrastructure security, containerization, and deployment pipelines
• Have a track record of identifying and fixing real vulnerabilities in production systems

The best way to impress us is with thoughtful Issues and/or PRs on our GitHub repos.

💰 Compensation not publicly listed. Market estimate for similar roles: from $130K, varying by experience and location.