Security Compliance Specialist jobs in United States

LiveKit · 1 month ago

Security Compliance Specialist

LiveKit is revolutionizing the AI landscape by providing the network infrastructure that powers multimodal AI interfaces. They are seeking a Security Compliance Specialist to own their compliance function end-to-end, focusing on GRC and compliance operations while leading and maturing security and privacy compliance programs such as SOC 2, HIPAA, and GDPR.

Artificial Intelligence (AI), Cloud Infrastructure, Information Technology, Real Time
H1B Sponsor Likely

Responsibilities

Lead and mature LiveKit’s security and privacy compliance programs (SOC 2, HIPAA, GDPR, ISO 27001, PCI DSS)
Own the day-to-day operations of our compliance workflows, from evidence collection to endpoint and access hygiene
Partner closely with Security and IT Engineers who own architecture, segmentation, logging, and technical controls, while you focus on controls design, documentation, governance, and audits
Own our security and privacy compliance programs across frameworks such as SOC 2, HIPAA, GDPR, ISO 27001, and PCI DSS, and help prepare the organization for future frameworks
Translate regulatory and framework requirements into clear, pragmatic controls that fit LiveKit’s engineering culture and infrastructure
Build and maintain the compliance roadmap and calendar, including audits, renewals, evidence collection cycles, and internal reviews
Lead customer and third-party security questionnaires, DDQs, and compliance reviews, partnering with Sales, Legal, and Engineering to respond efficiently and consistently
Maintain and continuously improve our policy set, including access control, asset management, vendor risk, incident response, and related governance documents
Track and report on compliance health, gaps, and remediation progress to leadership
Identify operational gaps and lead projects to close them, such as new approval flows, access reviews, or better documentation of data flows and responsibilities
Act as the primary point of contact for external auditors, assessors, and compliance vendors, coordinating walkthroughs, evidence requests, and responses
Partner with the Security Engineer and infra team on:
Scoping and documenting systems, data flows, and segmentation decisions for PCI and other frameworks
Ensuring technical controls (EDR, FIM, logging, vulnerability management) are mapped to compliance requirements, while keeping technical ownership with engineering
Work with GTM teams and leadership to champion compliance as a business enabler, helping unlock deals and maintain customer trust
Advise on risk, surface critical issues early, and drive remediation projects to completion with clear owners, timelines, and success criteria

Qualification

Security compliance, GRC, SOC 2, HIPAA, GDPR, ISO 27001, PCI DSS, Project management, Technical concepts, Risk management, Written communication, Verbal communication

Required

5+ years of experience in security compliance, GRC, or a closely related function, ideally with experience at a startup or in an early-stage environment
Deep familiarity with at least several of: SOC 2, HIPAA, GDPR, ISO 27001, PCI DSS, and an interest in newer or more advanced regimes
Demonstrated experience running audits end to end: planning, evidence, walkthroughs, findings, and remediation
Strong project management skills: you can juggle multiple frameworks, vendors, and internal stakeholders and keep everything moving without micromanagement
Excellent written and verbal communication skills. You can explain complex requirements in clear, approachable language and adapt your message to engineers, leadership, and customers

Preferred

Strong foundations in technical concepts: you are comfortable talking about infrastructure, logs, endpoints, identities, and segmentation even if you are not the one writing production code
Opinions about building efficient, low-friction, high-signal IT and compliance processes in a remote-first company
Experience writing code in personal or professional contexts (for example scripting, automation, or light development), even if you are not a full-time engineer
Prior experience supporting PCI, healthcare, or other highly regulated environments

Benefits

Competitive salary and equity package
Health, dental, and vision benefits
Flexible vacation policy

Company

LiveKit

LiveKit provides a cloud platform that enables developers to build, deploy, and manage real-time communication and AI-driven applications.

H1B Sponsorship

LiveKit has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship; the highlighted segment represents the job field similar to this job]
[Chart: Trends of Total Sponsorships; 2025 (3)]

Funding

Current Stage: Growth Stage
Total Funding: $181.3M
Key Investors: Index Ventures, Altimeter Capital, Redpoint
2026-01-22: Series C · $100M
2025-04-11: Series B · $45M
2024-03-13: Series A · $22M

Leadership Team

David Zhao
Co-Founder and CTO
Russell D'Sa
Founder
Company data provided by crunchbase