# Security Architecture Lead

**Company:** [Replit](https://hotfix.jobs/companies/replit)
**Location:** Foster City, CA
**Role:** Security Engineering
**Salary:** $228k – $363k/yr
**Experience:** 8+ years
**Skills:** Security Architecture, GCP, Cloud-Native Security, Ddos Mitigation, Isolation Technologies, Secure Bootstrapping, Kms, Multi-Tenant Saas, Risk Management, Architecture Documentation
**Posted:** 2026-02-10

> Leads security architecture for a multi-tenant SaaS platform, defining vision, mentoring engineers, conducting reviews, and managing risks. Requires 8+ years in security engineering, technical leadership, and cloud-native expertise, especially GCP.

## Job Description

## What You'll Do

### Technical Leadership & Mentorship
- **Architectural North Star:** Act as the lead technical voice for security architecture, defining the long-term vision and ensuring consistency across complex infrastructure and product projects.
- **Technical Mentorship:** Provide high-level guidance and mentorship to security engineers, fostering a culture of technical excellence and rigorous security design without the overhead of administrative management.
- **Project Steering:** Lead cross-functional squads through complex security implementations, from initial design to final production deployment.

### Architecture Strategy & Risk Management
- **Maintain the Source of Truth:** Define and maintain (document) the authoritative "Source of Truth" for Replit’s secure architecture, ensuring these patterns are consistently adopted across all engineering teams.
- **Secure Bootstrapping & Isolation:** Drive the design for secure bootstrapping and multi-layered trust. Enforce isolation principles at every level—from technical containerization and network segmentation to business logic and multi-tenant resource separation.
- **Contribution to Risk Register:** Actively identify, document, and quantify architectural security risks. You will be responsible for ensuring these are accurately reflected in the **Cybersecurity Risk Register**, translating technical debt into actionable risk profiles for executive stakeholders.

### Security Design & Review
- **Deep-Dive Reviews:** Oversee and conduct deep-dive security reviews for core product features and infrastructure, identifying potential threats and mitigating risks early in the development lifecycle.
- **Availability & Resilience:** Own the architectural strategy for Availability, specifically defending against DoS threats to ensure a highly resilient platform.

### Cross-Functional Enablement
- **Compliance & Documentation:** Partner with GRC teams to translate complex architectural designs into clear, audit-ready documentation and control frameworks. Evaluate required controls against architecture and assess readiness for future compliance certifications.
- **GTM & Sales Support:** Act as the technical bridge for the Sales team, addressing complex security inquiries from enterprise customers regarding Replit's architectural integrity.

## Required Skills & Experience
- **8+ years** of experience in security engineering or security architecture.
- **Proven experience as a Technical Lead**, steering large-scale projects and guiding the work of other senior engineers.
- Experience writing and maintaining Architecture documents.
- Deep expertise in cloud-native security architecture (**GCP** experience is a significant plus) for multi-tenant SaaS products.
- Experience designing secure boot, hardware/Cloud-KMS-rooted trust, and multi-layered defense systems.
- Strong understanding of isolation technologies and DDoS mitigation.
- Exceptional ability to communicate technical risk to both engineering and executive audiences.
- Strong track record of contributing to **Cybersecurity Risk Register**.

## What We Value
- **Systems Thinking:** The ability to see the "big picture" and understand how security decisions impact the entire stack.
- **Technical Influence:** The ability to drive technical alignment across the organization through expertise and collaboration rather than direct authority.
- **Autonomy:** Comfortable leading major technical initiatives and driving outcomes with minimal oversight.
- **Problem-Solving Mindset:** A passion for breaking down complex security challenges into elegant, scalable engineering solutions.

## Similar roles

- [Senior Security Engineer](https://hotfix.jobs/jobs/62309998-452a-45f9-8dd9-ed880eb50a2d) - Vanta - Remote - $227k – $267k/yr
- [Senior Engineer, Agentic Identity](https://hotfix.jobs/jobs/854f4cd6-219a-48bf-b2b4-4cdaef0947e3) - Baselayer - San Francisco, CA - $230k – $340k/yr
- [Security Engineer, Detection and Response](https://hotfix.jobs/jobs/ad36f4af-adb4-4f56-9cf2-412bc3302227) - Notion - San Francisco, CA - $230k – $260k/yr
- [Manager, GRC Subject Matter Experts, Product](https://hotfix.jobs/jobs/36e666cc-cc41-42c2-a93f-0fd3c7363c35) - Vanta - Remote - $230k – $311k/yr
- [Security Engineer - Tech Lead](https://hotfix.jobs/jobs/8cfaaaab-7daf-4731-8dc4-6131fca0e597) - Luma AI - Palo Alto, CA - $230k – $360k/yr

**Apply:** https://hotfix.jobs/jobs/f0fce5f5-9d5e-42ec-ade2-3a5d749ca2f8
**Canonical:** https://hotfix.jobs/jobs/f0fce5f5-9d5e-42ec-ade2-3a5d749ca2f8