Job description

LiveKit is revolutionizing the AI landscape by providing the essential network infrastructure that powers multimodal AI interfaces, enabling seamless audio and visual interactions. Founded in 2021, LiveKit has rapidly grown to support over 3 Billion calls annually, 100,000+ developers globally, and industry giants like OpenAI, Character AI, Spotify, and Meta.

You'll thrive at LiveKit if you:

obsess with crafting code that is fast, reliable and practical for the problem
are known as the go-to person for tackling tough technical problems
work hard and can build and ship fast
can clearly explain complex technical concepts to others
are a fast learner, frequently picking up new languages and tools

The best way to impress us is with thoughtful Issues and/or PRs on our Github repos 😊

About this role:

This isn’t one of those roles where “security” means running scans or writing policies that gather dust. We’re looking for a real engineer—someone who thinks like a builder and a breaker. Someone who gets deep into the stack, whether it’s an API endpoint, a container image, or a browser sandbox. You know how things are supposed to work—and what happens when they don’t.

While some security professionals lean toward policy, compliance, or audits (and we value that too), we’re after someone who wants to write code, secure systems, dig into strange bugs, and harden the platform from top to bottom. This is not a role for pointing out what needs to be done. It’s for someone who’s ready to do it.

As a Security Engineer at LiveKit, you will:

Own security across the stack—applications, services, infrastructure, and developer workflows.
Proactively identify, assess, and mitigate risks in both infrastructure and application codebases.
Lead secure code reviews, architecture discussions, and threat modeling sessions.
Build tooling and automations that help prevent security issues before they reach production.
Harden authentication and access control across internal and external surfaces.
Partner closely with engineers across teams to design secure-by-default APIs, workflows, and deployments.
Investigate vulnerabilities, respond to security incidents, and manage disclosure processes when needed.
Stay current with security research, tooling, and threats—then put that knowledge into action.

About You

You’ll thrive in this role if:

You’re a hands-on engineer who understands security from first principles.
6+ years of experience as a software engineer with an interest in security engineering.
You’ve led or heavily contributed to security engineering efforts across applications, infrastructure, or both.
You can analyze systems for weaknesses—whether they’re in business logic, configuration, or code.
You’re experienced with threat modeling, secure coding practices, and vulnerability management.
You’ve worked with CI/CD systems, cloud platforms (AWS, GCP, etc.), and containerized environments.
You can translate security concerns into engineering action without being the “no” person.
You’re an excellent communicator and collaborator who can document and evangelize best practices.
You’ve responded to real-world security incidents, led postmortems, or driven remediation efforts.

Bonus Points

Experience with security reviews of WebRTC, media pipelines, or real-time systems.
Contributions to open-source security tooling or research.
Hands-on experience with static and dynamic analysis tools, fuzzing, or sandboxing.
You've built (or tried to build) something with LiveKit (we always love that!).