Leads security architecture for a multi-tenant SaaS platform, defining vision, mentoring engineers, conducting reviews, and managing risks. Requires 8+ years in security engineering, technical leadership, and cloud-native expertise, especially GCP.
228k – 363k
Hybrid8+ YOESecurity Engineering
About the role
What You'll Do
Technical Leadership & Mentorship
Architectural North Star: Act as the lead technical voice for security architecture, defining the long-term vision and ensuring consistency across complex infrastructure and product projects.
Technical Mentorship: Provide high-level guidance and mentorship to security engineers, fostering a culture of technical excellence and rigorous security design without the overhead of administrative management.
Project Steering: Lead cross-functional squads through complex security implementations, from initial design to final production deployment.
Architecture Strategy & Risk Management
Maintain the Source of Truth: Define and maintain (document) the authoritative "Source of Truth" for Replit’s secure architecture, ensuring these patterns are consistently adopted across all engineering teams.
Secure Bootstrapping & Isolation: Drive the design for secure bootstrapping and multi-layered trust. Enforce isolation principles at every level—from technical containerization and network segmentation to business logic and multi-tenant resource separation.
Contribution to Risk Register: Actively identify, document, and quantify architectural security risks. You will be responsible for ensuring these are accurately reflected in the Cybersecurity Risk Register, translating technical debt into actionable risk profiles for executive stakeholders.
Security Design & Review
Deep-Dive Reviews: Oversee and conduct deep-dive security reviews for core product features and infrastructure, identifying potential threats and mitigating risks early in the development lifecycle.
Availability & Resilience: Own the architectural strategy for Availability, specifically defending against DoS threats to ensure a highly resilient platform.
Cross-Functional Enablement
Compliance & Documentation: Partner with GRC teams to translate complex architectural designs into clear, audit-ready documentation and control frameworks. Evaluate required controls against architecture and assess readiness for future compliance certifications.
GTM & Sales Support: Act as the technical bridge for the Sales team, addressing complex security inquiries from enterprise customers regarding Replit's architectural integrity.
Required Skills & Experience
8+ years of experience in security engineering or security architecture.
Proven experience as a Technical Lead, steering large-scale projects and guiding the work of other senior engineers.
Experience writing and maintaining Architecture documents.
Deep expertise in cloud-native security architecture (GCP experience is a significant plus) for multi-tenant SaaS products.
Experience designing secure boot, hardware/Cloud-KMS-rooted trust, and multi-layered defense systems.
Strong understanding of isolation technologies and DDoS mitigation.
Exceptional ability to communicate technical risk to both engineering and executive audiences.
Strong track record of contributing to Cybersecurity Risk Register.
What We Value
Systems Thinking: The ability to see the "big picture" and understand how security decisions impact the entire stack.
Technical Influence: The ability to drive technical alignment across the organization through expertise and collaboration rather than direct authority.
Autonomy: Comfortable leading major technical initiatives and driving outcomes with minimal oversight.
Problem-Solving Mindset: A passion for breaking down complex security challenges into elegant, scalable engineering solutions.
Senior Security Engineer owning risk identification, threat modeling, vulnerability management, and secure architecture projects. Partners with engineering to build security culture and tools while minimizing operational friction. Requires independent ownership, software development experience, and strong collaboration skills.
227k – 267k
Remote5+ YOESecurity Engineering
Senior Engineer, Agentic Identity
BaselayerSan Francisco, CA
Build and own core components of KYA (Know Your Agent), a cryptographic identity substrate for AI agents using verifiable credentials, JWS, OAuth, and Merkle logs. Requires production experience shipping cryptographically correct identity systems in Python and Go.
230k – 340k
Hybrid5+ YOESecurity Engineering
Security Engineer, Detection and Response
NotionSan Francisco, CA +1
Build and operate detection systems for cloud, identity, endpoints, and SaaS. Design high-signal detections, improve detection platforms, and participate in incident response.
230k – 260k
Hybrid6+ YOESecurity Engineering
Manager, GRC Subject Matter Experts, Product
VantaUnited States
Lead and develop a team of GRC subject matter experts responsible for the lifecycle, quality, and product integration of Vanta's security and compliance frameworks. Own end-to-end framework release processes while partnering with Product and Engineering.
230k – 311k
Remote7+ YOESecurity Engineering
Security Engineer - Tech Lead
Luma AIPalo Alto, CA
Lead design and implementation of security foundations including access governance, RBAC/ABAC, secrets management, and agent permissions for AI platforms. Partner with teams to embed secure practices while maintaining velocity; requires hands-on coding and production security experience.