Infrastructure Engineer - Security

About Vapi

Vapi is the most configurable platform for building voice agents. Our platform equips companies with everything they need—telephony, real‑time streaming, deterministic fallbacks, HIPAA/SOC2 compliance, and an AI testing suite—to launch production‑grade voice agents fast. In just 18 months, more than 300,000 developers have signed up, with over 1,500 new developers joining every day. Our mission is to make voice humanity’s default interface again by capturing nuance, emotion, and context that text alone misses. Try it now!

About the Role

As an Infrastructure Engineer – Security, you’ll be the primary owner of security within our infrastructure and codebase. This is a hands-on engineering role — you’ll design, implement, and automate secure systems across our platform, working closely with backend and DevOps teams to ensure that security is built into everything we deploy. You’ll also play a key role in maturing our compliance posture (SOC 2, HIPAA, ISO27001, GDPR, HITRUST) as we scale.

What You’ll Do

• Build, secure, and maintain our infrastructure across AWS and other cloud environments

• Write production-quality code (Python, TypeScript, or similar) to automate, test, and harden systems

• Own the InfoSec function end-to-end, including:

  • Secure coding practices and threat modeling

  • Infrastructure security (network hardening, IAM, secret management, secure deployments)

  • Application security reviews and vulnerability remediation

  • Compliance programs (SOC 2, HIPAA, ISO 27001, etc.)

  • Incident response planning and postmortems

• Collaborate with engineering to embed security into the development lifecycle

• Build and maintain security monitoring, alerting, and response systems

• Act as a security advocate within the team, mentoring engineers on best practices

Who You Are

• 3+ years of professional software engineering experience (writing and reviewing production code)

• 2+ years of infrastructure or DevOps experience (cloud platforms, networking, automation, etc.)

• Strong understanding of security risks and mitigations (OWASP, cloud security, CI/CD best practices)

• Experience with infrastructure-as-code (Terraform, CloudFormation, Pulumi, etc.)

• Hands-on experience with security tooling (static/dynamic analysis, vulnerability scanning, intrusion detection, etc.)

• Bias for ownership, automation, and continuous improvement

• Nice to have:

  • Experience leading security initiatives in a fast-scaling startup

  • Familiarity with SOC 2 or ISO 27001 compliance programs

  • Prior penetration testing or incident response experience

Why Vapi

• Define the future of human–AI interaction: help pioneer a new era of voice-based AI products that are transforming how people and businesses communicate

• Own meaningful work at a breakout startup: join early, take real ownership, and have a direct hand in building a category-defining company from the ground up

• Surround yourself with exceptional people: work alongside a world-class team of engineers, operators, and builders backed by top-tier investors who believe in our mission

• Accelerate your career in a high-growth environment: grow fast, take on big challenges, and unlock opportunities as we scale one of the most exciting platforms in AI

What We Offer

• Competitive compensation: includes a strong base salary and meaningful equity ownership

• Comprehensive health coverage: medical, dental, and vision plans

• Flexible time off: take-what-you-need vacation policy with an emphasis on rest and balance

• Daily meals: catered lunches and dinners provided for in-office days

• Lifestyle & wellness stipends: monthly allowances to support rent, transportation, food, fitness, and mental well-being

• Professional development: annual learning stipends for courses, conferences, and upskilling

• Team connection: regular offsites, team events, and opportunities to build in-person relationships