Staff Security Engineer

**About LiveKit:** LiveKit is revolutionizing the AI landscape by providing the essential network infrastructure that powers multimodal AI interfaces, enabling seamless audio and video interactions. Founded in 2021, LiveKit has rapidly grown to support over 3 Billion calls annually, 100,000+ developers globally, and industry giants like OpenAI, Character AI, Spotify, and Meta. We build open-source APIs to power the future of computing and are a company of engineers building software stacks for other engineers. Our mission is to enable developers to build scalable and reliable real-time communication applications with ease, focusing on RTC (Real-Time Communication) technologies like webRTC. We embrace a remote-first culture and are committed to empowering developers to create impactful applications through our platform.

    **About The Role:** LiveKit is building the modern, open platform for real-time audio and video. Developers use our SDKs and APIs to add interactive voice, video, and live media features into their apps. We're used in healthcare, fitness, virtual events, customer support, gaming, and more — anywhere people collaborate or connect live online. We are looking for a real engineer who thinks like a builder and a breaker to own security across the stack—applications, services, infrastructure, and developer workflows. This is not a role for pointing out what needs to be done. It's for someone who's ready to do it.

    **Key Responsibilities:**
    *   Own security across the stack—applications, services, infrastructure, and developer workflows.
    *   Proactively identify, assess, and mitigate risks in both infrastructure and application codebases.
    *   Lead secure code reviews, architecture discussions, and threat modeling sessions.
    *   Build tooling and automations that help prevent security issues before they reach production.
    *   Harden authentication and access control across internal and external surfaces.
    *   Partner closely with engineers across teams to design secure-by-default APIs, workflows, and deployments.
    *   Investigate vulnerabilities, respond to security incidents, and manage disclosure processes when needed.
    *   Stay current with security research, tooling, and threats—then put that knowledge into action.

    **Required Skills and Experience:**
    *   6+ years of experience as a software engineer with an interest in security engineering.
    *   You’ve led or heavily contributed to security engineering efforts across applications, infrastructure, or both.
    *   You can analyze systems for weaknesses—whether they’re in business logic, configuration, or code.
    *   You’re experienced with threat modeling, secure coding practices, and vulnerability management.
    *   You’ve worked with CI/CD systems, cloud platforms (AWS, GCP, etc.), and containerized environments.
    *   You can translate security concerns into engineering action without being the “no” person.
    *   You’re an excellent communicator and collaborator who can document and evangelize best practices.
    *   You’ve responded to real-world security incidents, led postmortems, or driven remediation efforts.
    *   Experience with security reviews of WebRTC, media pipelines, or real-time systems is a plus.
    *   Contributions to open-source security tooling or research are a bonus.

    **Compensation:** The estimated pay range for this role is $150,000 - $250,000. This role is eligible to participate in LiveKit's equity plan.

    **Benefits:** We offer competitive salaries, equity options, comprehensive health benefits (medical, dental, vision), flexible vacation policies, and the opportunity to work with world-class engineers on cutting-edge technology.

    **Apply:** To apply, please visit our careers page and submit your application through the provided link.