Offer summary

Qualifications:

Proven experience in infrastructure security engineering, preferably in an infrastructure-heavy company., Fluency in Terraform, CI/CD pipelines, and cloud-native tooling is essential., Strong understanding of system auditing and low-level system improvements., Ability to document and promote security practices effectively..

Key responsabilities:

Own the infrastructure security domain from design to execution.

Maintain and enhance Terraform configurations for reliability and security.

Automate the creation of system images within CI/CD pipelines to ensure compliance.

Implement best practices for infrastructure hardening, authentication, and access control.

Job description

This isn’t one of those roles where “security” is just about running scans or writing policies no one follows. No. We’re actually looking for an engineer*. A type of engineer who thrives in the guts of infrastructure—who understands Terraform inside and out, can rebuild images in their sleep, and has a sixth sense for what might be lurking in a container pipeline. Some security folks tend to lean toward theory, audits, and advisories; we respect that, but what we’re after is someone who wants to hack, build, secure, and go deep. Said differently, this isn’t about telling someone else what needs to be done. This is about owning it—and doing it.

We’re looking for someone who has been in charge of infrastructure security before, who understands what it means to run point on security engineering for real, and who can dig into low-level systems and implement best practices that scale. If ensuring that every machine has the right certificate authority installed, every image is current and hardened, and every Terraform change is airtight sounds like your kind of challenge, you might be perfect for this.

As an Infrastructure Security Engineer at LiveKit, you will:

Own the infrastructure security domain end-to-end—from design to execution.
Understand, maintain, and enhance our Terraform configurations to keep our infrastructure both reliable and secure.
Rebuild and automate the creation of system images as part of our CI/CD pipelines, ensuring our environments are always up-to-date and compliant.
Drive the security to-do list forward: prioritize, execute, document.
Implement and enforce best practices around infrastructure hardening, authentication, and access control—including maintaining certificate authority presence across machines.
Collaborate with the broader engineering team to ensure secure-by-default design patterns and workflows.
Stay ahead of the curve on security threats and emerging tools, keeping LiveKit’s infrastructure resilient and hardened.

About You

You’ll thrive as an Infrastructure Security Engineer if:

You are an engineer. One that builds and breaks systems, in equal measure.
You’ve previously owned or led security engineering at an infrastructure-heavy company.
You’re fluent in Terraform, CI/CD pipelines, and cloud-native tooling.
You can audit a system and tell what’s wrong—not just on the surface, but under the hood.
You enjoy understanding how things work at a low level and improving them for everyone.
You’re as comfortable documenting and evangelizing security practices as you are implementing them.
You don’t just know best practices—you enforce them.

Bonus Points

You’ve contributed to or built open-source security tooling.
You’ve written hardened images and automated their deployment at scale.
You’ve worked at a company with a mature security posture and helped improve it further.
You’ve previously handled incident response, vulnerability triage, or postmortems.
You’ve built something with LiveKit (always a plus!).

Required profile