Security Engineer

Fireflies.ai is the #1 AI teammate for meetings, trusted by over 20 million people across more than 500,000 organizations from fast-growing startups to Fortune 500 enterprises. Whether in sales, project management, marketing, operations, or product development, Fireflies is revolutionizing team collaboration by capturing knowledge, automating repetitive tasks, and enhancing productivity before, during, and after every meeting. Recognized as a category-defining platform, Fireflies has achieved unicorn status with a valuation exceeding $1 billion. Ramp data shows Fireflies is the 6th most purchased AI platform in the US. Chances are, you’ve already seen Fireflies in action, quietly powering one of your recent meetings. Fireflies.ai is looking for a hands-on Security Engineer to protect our infrastructure, product, and user data as we scale globally. This role is ideal for someone who can ship code, automate security workflows, triage vulnerabilities, and work closely with engineering teams to build secure systems. What You’ll Do: Build and improve security controls across our product, backend, and infrastructure. Review code, architecture, and infrastructure for security risks. Run vulnerability assessments, penetration testing, and security audits. Debug and patch security issues in backend systems. Manage bug bounty triage and remediation workflows, including HackerOne. Automate security checks, alerts, and vulnerability workflows. Partner with engineering teams to promote secure coding practices. Support incident response and security investigations. Configure and maintain security tools such as firewalls, IDS/IPS, scanners, and monitoring systems. What You Need: 3+ years of experience in security engineering, backend security, or infrastructure security. Strong backend development experience with Node.js/TypeScript. Ability to ship code end-to-end. Good understanding of authentication, authorization, cryptography, and common vulnerabilities. Experience with security testing tools such as Burp Suite, Metasploit, Wireshark, or similar. Experience with cloud security, preferably GCP or AWS. Familiarity with Kubernetes, Docker, and modern infrastructure security. Strong problem-solving and communication skills. Nice to Have: Experience with SaaS or high-growth startup environments. Bug bounty program experience. Experience with SOC 2, HIPAA, GDPR, Vanta, or GitHub Advanced Security. Contributions to the security community, such as CVEs, talks, or open-source work. Experience with DevSecOps or security automation. Tech Stack: Node.js, TypeScript MongoDB Kubernetes, Docker GCP Pub/Sub architecture HackerOne, Vanta, GitHub Advanced Security Values that are important to us: You should be a great communicator and culture maintainer Take a look at our culture document You're data-driven and customer-focused You value fast & incremental engineering cycles You maintain design excellence and minimise complexity You measure your results & automate when possible You get 10% better at something every week You have an internal compass and take accountability & initiative We value overcommunication, candid feedback and a results-driven culture Perks and Benefits: Competitive compensation Work remotely anywhere in your respective country Ability to move laterally within a team and grow rapidly Paid time off and flexible leave policy No boss culture Flexible working hours LGBTQ+ friendly Company offsites Tech reimbursements About us: At Fireflies.ai , we’re revolutionizing the way teams interact with AI in their daily work. Our inclusive culture champions security, innovation, customer experience, and growth. Backed by $19 million from top-tier investors like Canaan, Khosla Ventures, and angels from Slack, Facebook, Dropbox, Amazon, and Salesforce, Fireflies is driven by a passionate 100+ member global team spanning 20+ countries and every timezone. We’re building a world-class, global-first team, and we dogfood our product to do so. We are an equal opportunity employer and strongly value diversity at our company because our team will be stronger with different perspectives and experiences. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.