# Member of Technical Staff, DevSecOps

**Company:** [Vapi](https://hotfix.jobs/companies/vapi)
**Location:** San Francisco, CA
**Role:** Security Engineering
**Salary:** $180k – $280k/yr
**Experience:** 5+ years
**Skills:** AWS, Kubernetes, Postgres, Voip, DevSecOps, CI/CD, SOC 2, ISO 27001, HIPAA, Drata
**Posted:** 2026-06-08

> Hands-on DevSecOps lead building and hardening security posture for a voice AI platform serving Fortune 500 customers. Focus on shift-left security, compliance automation, and multi-tenant infrastructure.

## Job Description

## What You'll Do
- Make Vapi's security posture world-class for the enterprise — shift security left, catch regressions during code review and CI, and harden our multi-tenant infrastructure as we onboard the Fortune 500.
- Build automation as a security primitive — including agentic systems that run penetration tests against staging ahead of every release, and that auto-remediate issues as they surface.
- Own the compliance roadmap end-to-end alongside InfoSec, including Drata and the automations that keep us audit-ready as we expand into new regions and regulated industries.
- Partner deeply with Engineering, InfoSec, and GRC — building guardrails developers actually use, not ad-hoc controls bolted on after the fact.
- Be the authority Sales and GTM lean on — giving prospects and enterprise customers the confidence that Vapi's security posture matches the trust they're placing in us.

## Who You Are

### Must-Haves
- 5–10 years of engineering experience, with significant time in modern cloud-native SaaS — AWS, Kubernetes, Postgres, and ideally VoIP.
- Strong understanding of security in a multi-tenant cloud environment serving regulated enterprise customers with many third-party integrations.
- High proficiency writing and reviewing code — you can ship the fix, not just file the ticket.
- Invested in shift-left security: catching regressions during code and test, not after production incidents.
- Collaborative by default — you build guardrails with security, engineering, and GRC partners rather than operating as a lone wolf.
- Hands-on by preference; comfortable as a senior IC or lead, not looking to step into pure management.

### Nice-to-Haves
- Direct experience securing CI/CD pipelines.
- Background as a backend software engineer.
- Experience with compliance frameworks (SOC 2, ISO 27001, HIPAA) and tools like Drata.
- Familiarity with VoIP / telephony security and the failure modes of real-time systems.

## What We Offer
- Competitive compensation: includes a strong base salary and meaningful equity ownership.
- Comprehensive health coverage: medical, dental, and vision plans.
- Flexible time off: take-what-you-need vacation policy with an emphasis on rest and balance.
- Daily meals: catered lunches and dinners provided for in-office days.
- Lifestyle & wellness stipends: monthly allowances to support rent, transportation, food, fitness, and mental well-being.
- Professional development: annual learning stipends for courses, conferences, and upskilling.
- Team connection: regular offsites, team events, and opportunities to build in-person relationships.

## Similar roles

- [Staff Product Security Engineer](https://hotfix.jobs/jobs/9df996cd-f7e2-42a0-89f2-ca7955b3655e) - Okta - San Francisco, CA - $180k – $248k/yr
- [Member of Technical Staff - Imagine Safety](https://hotfix.jobs/jobs/db3807de-87f6-4bc5-a3b9-1ed8b978c2ef) - xAI - Palo Alto, CA - $180k – $440k/yr
- [Staff Security Engineer](https://hotfix.jobs/jobs/a6d606fd-cc10-4d0f-94b9-7894969af192) - Order.co - Remote - $180k – $220k/yr
- [Member of Technical Staff, X Platform Security](https://hotfix.jobs/jobs/976e542c-fee6-442e-b916-0577378e4c64) - xAI - Palo Alto, CA - $180k – $340k/yr
- [Staff Software Engineer - IAM](https://hotfix.jobs/jobs/8798a3e7-1831-475e-bcf1-65eb8ac450e1) - Databricks - Bellevue, WA - $181k – $261k/yr

**Apply:** https://hotfix.jobs/jobs/7481e105-881d-4971-988f-7590776a1a4f
**Canonical:** https://hotfix.jobs/jobs/7481e105-881d-4971-988f-7590776a1a4f