USD per year
Security Engineer
Fireflies.ai is the #1 AI assistant for meetings, trusted by over 20 million people across more than 1 million organisations from fast-growing startups to Fortune 500 enterprises. Whether in sales, project management, marketing, operations, or product development, Fireflies is revolutionizing team collaboration by capturing knowledge, automating repetitive tasks, and enhancing productivity before, during, and after every meeting. Recognized as a category-defining platform, Fireflies has achieved unicorn status with a valuation exceeding $1 billion. Ramp data shows Fireflies is the 6th most purchased AI platform in the US. Chances are, you’ve already seen Fireflies in action, quietly powering one of your recent meetings.
What You’ll Do:
- Build and improve security controls across our product, backend, and infrastructure.
- Review code, architecture, and infrastructure for security risks.
- Run vulnerability assessments, penetration testing, and security audits.
- Debug and patch security issues in backend systems.
- Manage bug bounty triage and remediation workflows, including HackerOne.
- Automate security checks, alerts, and vulnerability workflows.
- Partner with engineering teams to promote secure coding practices.
- Support incident response and security investigations.
- Configure and maintain security tools such as firewalls, IDS/IPS, scanners, and monitoring systems.
What You Need:
- 3+ years of experience in security engineering, backend security, or infrastructure security.
- Strong backend development experience with Node.js/TypeScript.
- Ability to ship code end-to-end.
- Good understanding of authentication, authorization, cryptography, and common vulnerabilities.
- Experience with security tools such as GitHub Advanced Security, Dependabot,
CrowdStrike, Falco or similar.
- Experience with cloud security,
preferably GCP or AWS.
- Familiarity with Kubernetes,
Docker, and modern infrastructure security.
- Strong problem-solving and communication skills.
Nice to Have:
- Experience with SaaS or high-growth startup environments.
- Bug bounty program experience.
- Experience with SOC 2,
HIPAA, GDPR, Vanta or similar
- Contributions to the security community such as CVEs talks or open-source work.
- Experience with DevSecOps or security automation.
Tech Stack:
- Node.js
- TypeScript
- Go
- MongoDB
- Kubernetes
- Docker
- GCP
- Pub/Sub architecture
- HackerOne
- Vanta
- GitHub Advanced Security
Values that are important to us:
- You should be a great communicator and culture maintainer
- Take a look at our culture document
- You're data-driven and customer-focused
- You value fast & incremental engineering cycles
- You maintain design excellence and minimize complexity
- You measure your results & automate when possible
- You get 10% better at something every week
- You have agency with your internal compass and take accountability & initiative
- We value overcommunication candid feedback and a results-driven culture
Perks and Benefits:
- Competitive compensation
- Work remotely anywhere in your respective country
- Ability to move laterally within a team and grow rapidly
- Paid time off and flexible leave policy
- No boss culture
Fireflies AI is the #1 AI Notetaker for meetings that transcribes, summarizes, searches, and analyzes all team conversations. It offers high-quality meeting transcription and recording with 95% accuracy, supports 100+ languages, speaker recognition, and auto-language detection. Provides comprehensive AI summaries including detailed notes, action items, and customized summaries instantly after every meeting. Features include AI Note Taker Bot, Chrome Extension for Google Meet calls, Mobile and Desktop Apps, Dialers & API integration for call transcription, and AI-powered search to remember conversations. Offers real-time suggestions, coaching, and answers during meetings with Live Assist. Provides conversation intelligence with analytics such as speaker talk-time, sentiment analysis, topic trackers. Integrates with popular work tools like Salesforce, Hubspot, Asana, Trello, Lever, BambooHR, Greenhouse, Slack. Enterprise-grade security with SOC 2 Type II compliance, GDPR compliance, HIPAA compliance for healthcare organizations; zero data retention; private storage; customer data ownership.
View Company Profile