Original listing text, shown exactly as published by the company.
Responsibilities
Threat Awareness & Rapid Assessment
- Continuously monitor emerging threats, including bad actor activity, 0-day vulnerabilities, public exploitation campaigns, bug bounty reports, and customer-reported security issues.
- Quickly assess the applicability of these threats to Replit’s cloud infrastructure, SaaS services, internal tooling, and platform components.
Investigation & Impact Analysis
- Conduct targeted investigations to determine whether Replit is already impacted by a newly discovered threat, vulnerability, or exploit.
- Analyze logs, telemetry, and system behaviors using SIEM, metrics, Cloud Logging, and related tools.
- Identify gaps or weaknesses in existing detection or visibility and propose improvements.
Containment, Mitigation & Cross-Team Collaboration
- Research potential impact paths and develop mitigation strategies for confirmed or applicable threats.
- Partner closely with Security, SRE, and Engineering teams to coordinate and implement containment, patches, configuration updates, or code-level fixes.
- Document findings, mitigations, and follow-up actions clearly for internal teams.
Required Skills & Experience
- Strong understanding of software engineering fundamentals, including code structure, build systems, dependencies, and package ecosystems—enabling effective partnership with Engineering teams.
- Understanding of CI/CD pipelines and DevOps workflows, enabling collaboration with Infrastructure and DevOps teams.
- Solid knowledge of cloud architecture, especially Google Cloud Platform (GCP) services used in modern cloud-native deployments.
- Familiarity with SaaS architectures, identity systems, and integration patterns for effective collaboration with Cloud Security teams.
- Hands-on experience with SIEM, Cloud Logging, and log-based investigation workflows.
- Ability to perform investigations using log data, behavioral indicators, and threat intelligence.
- General understanding of vulnerability lifecycles, exploitability analysis, and common attack vectors.
Preferred Qualifications
- Experience with threat intelligence, security research, or vulnerability analysis.
- Familiarity with Kubernetes, containers, serverless infrastructure, or modern distributed systems.
- Ability to write scripts or small tools for investigation or automation (Python, Go, Bash).
- Experience working with bug bounty programs or coordinated vulnerability disclosure workflows.
- Experience in fast-paced, cloud-native, or AI/ML-driven environments.
What We Value
- Curiosity & initiative: Strong desire to understand attacker behaviors, emerging threats, and how they apply to real-world systems.
- Speed & analytical rigor: Ability to quickly assess high-risk vulnerabilities with clear, evidence-based reasoning.
- Collaboration: Comfort working across cross-functional teams spanning Security, SRE, Engineering, and Infrastructure.
- Clear communication: Ability to explain findings, risks, and mitigation strategies to stakeholders at all levels.
- Ownership mindset: Takes initiative to drive investigations, improvements, and remediations to completion.
- Continuous learning: Passion for staying up to date on new vulnerabilities, exploit trends, and cloud-native security best practices.
This is a full-time role that can be held from our Foster City, CA office. The role has an in-office requirement of Monday, Wednesday, and Friday.