Fireflies.ai is looking for a hands-on
Security Engineer to protect our infrastructure, product, and user data as we scale globally. This role is ideal for someone who can ship code, automate security workflows, triage vulnerabilities, and work closely with engineering teams to build secure systems.
What You'll Do:- Build and improve security controls across our product, backend, and infrastructure.
- Review code, architecture, and infrastructure for security risks.
- Run vulnerability assessments, penetration testing, and security audits.
- Debug and patch security issues in backend systems.
- Manage bug bounty triage and remediation workflows, including HackerOne.
- Automate security checks, alerts, and vulnerability workflows.
- Partner with engineering teams to promote secure coding practices.
- Support incident response and security investigations.
- Configure and maintain security tools such as firewalls, IDS/IPS, scanners, and monitoring systems.
What You Need:- 3+ years of experience in security engineering, backend security, or infrastructure security.
- Strong backend development experience with Node.js/TypeScript.
- Ability to ship code end-to-end.
- Good understanding of authentication, authorization, cryptography, and common vulnerabilities.
- Experience with security tools such as GitHub Advanced Security, Dependabot, CrowdStrike, Falco or similar.
- Experience with cloud security, preferably GCP or AWS.
- Familiarity with Kubernetes, Docker, and modern infrastructure security.
- Strong problem-solving and communication skills.
Nice to Have:- Experience with SaaS or high-growth startup environments.
- Bug bounty program experience.
- Experience with SOC 2, HIPAA, GDPR, Vanta, or similar
- Contributions to the security community, such as CVEs, talks, or open-source work.
- Experience with DevSecOps or security automation.
Tech Stack:- Node.js, TypeScript
- Go
- MongoDB
- Kubernetes, Docker
- GCP
- Pub/Sub architecture
- HackerOne, Vanta, GitHub Advanced Security
Values that are important to us:- You should be a great communicator and culture maintainer
- Take a look at our culture document
- You're data-driven and customer-focused
- You value fast & incremental engineering cycles
- You maintain design excellence and minimize complexity
- You measure your results & automate when possible
- You get 10% better at something every week
- You have agency with your internal compass and take accountability & initiative
- We value overcommunication, candid feedback and a results-driven culture
Perks and Benefits:- Competitive compensation
- Work remotely anywhere in your respective country
- Ability to move laterally within a team and grow rapidly
- Paid time off and flexible leave policy
- No boss culture
- Flexible working hours
- LGBTQ+ friendly
- Company offsites
- Tech reimbursements
