Security Engineer

About Vapi

Vapi is building the future of voice‑native applications. Our platform equips companies with everything they need—telephony, real‑time streaming, deterministic fallbacks, HIPAA/SOC2 compliance, and an AI testing suite—to launch production‑grade voice agents fast. In just 18 months, more than 150,000 developers have signed up, with over 1,000 new developers joining every day. Our mission is to make voice humanity’s default interface again by capturing nuance, emotion, and context that text alone misses. Try it now!

About the Role

As our first dedicated Security Engineer, you’ll play a critical role in protecting the foundation of Vapi’s platform as we scale to meet explosive developer demand. You’ll own the security function end-to-end—shaping our application, infrastructure, and compliance practices to ensure trust, reliability, and compliance for our customers. This role is essential to helping Vapi deliver enterprise-grade security while enabling our engineers to move fast and innovate without compromising safety.

What You’ll Do

• Own and manage the InfoSec function end-to-end, including:

• Application security (secure coding practices, threat modeling, code reviews, etc.)

• Infrastructure security (network hardening, identity/access management, secure deployments)

• Compliance requirements (e.g., SOC 2, PCI, ISO 27001, HIPAA, etc)

• Internal security practices (VPN setup, penetration testing, incident response planning)

• Collaborate with engineering to embed security into the development lifecycle

• Build and maintain security monitoring, alerting, and response systems

• Act as the internal security advocate, training and guiding the team on best practices

Who You Are

• 2+ years of professional software engineering experience (writing and reviewing production code)

• 2+ years of infrastructure/DevOps experience (cloud platforms, networking, automation, etc.)

• Demonstrated passion for and experience with information security

• Strong understanding of common security risks and how to mitigate them (OWASP, cloud security best practices, etc.)

• Experience with security tooling and frameworks (static analysis, vulnerability scanning, intrusion detection, etc.)

• Strong problem-solving skills and a bias toward ownership

• Nice to have:

  • Experience leading security initiatives in a startup environment

  • Familiarity with SOC 2 or ISO 27001 compliance programs

  • Prior penetration testing or incident response experience

Why Vapi

• Define the future of human–AI interaction: help pioneer a new era of voice-based AI products that are transforming how people and businesses communicate

• Own meaningful work at a breakout startup: join early, take real ownership, and have a direct hand in building a category-defining company from the ground up

• Surround yourself with exceptional people: work alongside a world-class team of engineers, operators, and builders backed by top-tier investors who believe in our mission

• Accelerate your career in a high-growth environment: grow fast, take on big challenges, and unlock opportunities as we scale one of the most exciting platforms in AI

What We Offer

• Competitive compensation: includes a strong base salary and meaningful equity ownership

• Comprehensive health coverage: medical, dental, and vision plans

• Flexible time off: take-what-you-need vacation policy with an emphasis on rest and balance

• Daily meals: catered lunches and dinners provided for in-office days

• Lifestyle & wellness stipends: monthly allowances to support rent, transportation, food, fitness, and mental well-being

• Professional development: annual learning stipends for courses, conferences, and upskilling

• Team connection: regular offsites, team events, and opportunities to build in-person relationships