Staff Security Engineer owns security across applications, infrastructure, and workflows at LiveKit. Requires 6+ years software engineering experience, hands-on security expertise in cloud/container environments, threat modeling, and incident response.
150k – 250k
Remote6+ YOESecurity Engineering
About the role
Responsibilities
Own security across the stack—applications, services, infrastructure, and developer workflows.
Proactively identify, assess, and mitigate risks in both infrastructure and application codebases.
Lead secure code reviews, architecture discussions, and threat modeling sessions.
Build tooling and automations that help prevent security issues before they reach production.
Harden authentication and access control across internal and external surfaces.
Partner closely with engineers across teams to design secure-by-default APIs, workflows, and deployments.
Investigate vulnerabilities, respond to security incidents, and manage disclosure processes when needed.
Stay current with security research, tooling, and threats—then put that knowledge into action.
Requirements
Hands-on engineer who understands security from first principles.
6+ years of experience as a software engineer with an interest in security engineering.
Led or heavily contributed to security engineering efforts across applications, infrastructure, or both.
Analyze systems for weaknesses—whether they’re in business logic, configuration, or code.
Experienced with threat modeling, secure coding practices, and vulnerability management.
Worked with CI/CD systems, cloud platforms (AWS, GCP, etc.), and containerized environments.
Translate security concerns into engineering action without being the “no” person.
Excellent communicator and collaborator who can document and evangelize best practices.
Responded to real-world security incidents, led postmortems, or driven remediation efforts.
Nice-to-Haves
Experience with security reviews of WebRTC, media pipelines, or real-time systems.
Contributions to open-source security tooling or research.
Hands-on experience with static and dynamic analysis tools, fuzzing, or sandboxing.
Compensation
Competitive salary and equity package.
Health, dental, and vision benefits.
Flexible vacations.
Remote-friendly work environment, with equipment provided.
Senior individual contributor owning cloud security architecture and guardrails for GCP workloads at a fintech trading platform. Leads threat modeling, edge defenses with Cloudflare/Armor, policy-as-code, incident response, and compliance controls while mentoring engineers.
145k – 195k
Hybrid8+ YOESecurity Engineering
Staff Engineer
TwilioUnited States
Technical lead performing advanced offensive security work including full-stack pentesting, red team operations, custom exploit development, AI/LLM red teaming, and bug bounty management. Requires 7-10 years experience, deep expertise in MITRE ATT&CK and OWASP, and proficiency with industry tools and scripting.
156k – 229k
Remote7+ YOESecurity Engineering
Staff Security Detection Engineer
DatabricksUnited States
Designs and implements scalable ML-driven intrusion detection solutions, optimizes log pipelines, and enhances threat detection on Databricks platform. Requires 10+ years experience in security detection engineering and expertise in cloud security, Python, and Spark.
143k – 273k
Remote10+ YOESecurity Engineering
Staff Product Security Engineer
OktaBellevue, WA +4
Staff-level product security engineer leading security reviews, threat modeling, penetration testing, and LLM/AI security assessments for Okta's identity platform. Requires deep manual security expertise and strong communication skills.
Senior technical owner building secure-by-default infrastructure, IaC modules, policy-as-code guardrails, and CI/CD security tooling for cloud and platform engineering teams.