LiveKit is building the infrastructure layer for the agentic era of computing. Our platform gives developers everything they need to build, test, deploy, scale, and observe AI agents in production. Founded in 2021, LiveKit powers voice and agentic AI applications for OpenAI, Salesforce, Spotify, Meta, and tens of thousands of other developers, collectively facilitating billions of calls each year.
This isn't one of those roles where "security" means running scans or writing policies that gather dust. We're looking for a real engineer — someone who thinks like a builder and a breaker. Someone who gets deep into the stack, whether it's an API endpoint, a container image, or a browser sandbox. You know how things are supposed to work — and what happens when they don't.
While some security professionals lean toward policy, compliance, or audits (and we value that too), we're after someone who wants to write code, secure systems, dig into strange bugs, and harden the platform from top to bottom. This is not a role for pointing out what needs to be done. It's for someone who's ready to do it.
think like both a builder and a breaker, and understand security from first principles
can analyze systems for weaknesses — whether they're in business logic, configuration, or code
translate security concerns into engineering action without being the "no" person
are an excellent communicator who can document and evangelize best practices across the org
stay current with security research, tooling, and threats — and put that knowledge into action
Own security across the stack — applications, services, infrastructure, and developer workflows
Proactively identify, assess, and mitigate risks in both infrastructure and application codebases
Lead secure code reviews, architecture discussions, and threat modeling sessions
Build tooling and automations that help prevent security issues before they reach production
Harden authentication and access control across internal and external surfaces
Partner closely with engineers across teams to design secure-by-default APIs, workflows, and deployments
Investigate vulnerabilities, respond to security incidents, and manage disclosure processes when needed
6+ years of experience as a software engineer with a strong interest in security engineering
You've led or heavily contributed to security engineering efforts across applications, infrastructure, or both
Experienced with threat modeling, secure coding practices, and vulnerability management
Worked with CI/CD systems, cloud platforms (AWS, GCP, etc.), and containerized environments
You've responded to real-world security incidents, led postmortems, or driven remediation efforts
Experience with security reviews of WebRTC, media pipelines, or real-time systems
Contributions to open-source security tooling or research
Hands-on experience with static and dynamic analysis tools, fuzzing, or sandboxing
You've built (or tried to build) something with LiveKit
An opportunity to build something truly impactful to the world
Contribute to open source alongside world-class engineers
Competitive salary and equity package
Health, dental, and vision benefits
Flexible vacation policy
LiveKit is an equal opportunity employer and does not discriminate on the basis of any characteristic protected by applicable law. If you require a reasonable accommodation during the application or interview process, please contact [email protected].
Compensation Range: $150K - $250K
