Build and operate AI-powered abuse detection and response systems for a developer platform. Focus on LLM guardrails, fraud detection, and automated enforcement across millions of daily actions.
210k – 265k
Hybrid4+ YOESecurity Engineering
About the role
Responsibilities
Design and implement LLM guardrails that detect abuse scenarios in AI-generated code and agent interactions
Build AI-powered detection systems that use LLMs to identify malicious patterns, classify threats, and automate response decisions
Build and operate abuse detection systems that identify phishing, cryptomining, account takeover, and financial fraud across millions of daily user actions
Design automated response mechanisms that enforce platform policies without manual intervention
Own the full abuse response lifecycle: detection, investigation, enforcement, and handling appeals alongside Support and Legal
Analyze attack patterns using BigQuery and Hex, turning investigation findings into new detection rules
Maintain and extend internal detection tools (Slurper, Netwatch) that continuously monitor user activity
Integrate and tune security scanners (SAST, SCA) in CI pipelines with tight performance SLAs
Track abuse trends, measure detection effectiveness, and adapt defenses as attack patterns evolve
Requirements
4+ years of experience in security engineering, anti-abuse, trust & safety, or fraud detection
Strong programming skills in Python and/or TypeScript for building detection systems and automation
Experience with SQL and data analysis at scale (BigQuery, Snowflake, or similar)
Experience building or fine-tuning ML/LLM-based classifiers for security or abuse detection
Familiarity with prompt injection, jailbreaking, and other LLM-specific attack vectors
Ability to investigate complex abuse patterns and translate findings into automated defenses
Familiarity with common attack patterns: phishing infrastructure, account takeover, credential stuffing, resource abuse
Clear communication skills for working across Security, Support, Legal, and Engineering teams
Nice to Have
Experience at a platform company dealing with user-generated content or compute abuse (hosting providers, cloud platforms, developer tools)
Background in fraud detection, payment abuse, or financial crime
Familiarity with device fingerprinting, IP reputation, and email validation services
Experience with CI/CD security tooling (SAST, SCA, Dependabot, Snyk)
Knowledge of container security, Linux internals, or cloud infrastructure (GCP preferred)
Prior work with abuse reporting pipelines, trust & safety tooling, or content moderation systems
Third Party Risk Management and Customer Trust Lead
ReplitFoster City, CA
Lead substantive third-party risk management and customer trust programs at Replit, independently assessing vendor and AI model risks via SOC 2 reviews, architecture analysis, and contract redlining in partnership with Legal. Requires 8+ years GRC experience building scalable TPRM processes.
210k – 270k
Hybrid8+ YOESecurity Engineering
Lead Security Engineer
AlembicSan Francisco, CA
Lead Security Engineer to own end-to-end system, network, and host security for an on-prem Kubernetes-based AI factory. Design controls, lead incident response, balance open culture with IP/customer data protection; requires 8+ years security engineering with deep Kubernetes, on-prem, and incident experience.
210k – 240k
On-site8+ YOESecurity Engineering
Sr. Engineering Manager, Application Security
BettermentNew York, NY
Senior Engineering Manager leading Application Security squad to build secure software by default through threat modeling, design reviews, vulnerability management, and developer tooling. Requires hands-on team leadership and expertise across the AppSec stack.
210k – 250k
Hybrid7+ YOESecurity Engineering
Senior Software Engineer, Fraud
ReplitFoster City, CA
Build and operate AI-powered fraud and abuse detection systems on Replit's agentic platform. Design LLM guardrails, ML classifiers, and automated response mechanisms to combat phishing, cryptomining, and platform exploitation.
210k – 265k
Hybrid4+ YOESecurity Engineering
Senior Software Engineer, Risk
ReplitFoster City, CA
Build and operate AI-powered abuse detection and response systems to protect Replit's platform from phishing, cryptomining, fraud, and LLM-specific attacks. Requires 4+ years in security/anti-abuse and strong Python/TypeScript + SQL skills.