Staff Software Engineer leading platform security initiatives, building secure IAM systems, cloud infrastructure baselines, and supply chain security tools. Requires 5+ years in production systems, software development in Python/Rust, and securing large-scale cloud environments.
248k – 279k/yr
Remote5+ YOESecurity Engineering
About the role
What you'll do
Shape company-wide security strategy and lead software engineering projects on a highly-autonomous and horizontally-integrated team. This is a code-forward role!
Develop and apply best-in-class secure baselines for cloud infrastructure.
Secure first- and third-party software supply chains, from the dev environment through CI/CD and into production.
Build and own identity and access management (IAM) systems that are user-friendly and promote least privilege.
Manage infrastructure vulnerabilities while supporting rapid growth for Engineering.
Consult on risk assessments, architectural designs, threat models, code reviews, and more—pragmatically balancing security with other business considerations.
Example projects
Support IAM with scalable platform solutions.
Build tooling to prevent and address vulnerabilities across our infrastructure.
Integrate service-to-service authentication and authorization into Discord’s internal developer platform.
What we look for
5+ years of experience building and operating production systems or infrastructure
5+ years of experience writing software in a general-purpose programming language (we mainly use Python and Rust)
4+ years of experience securing systems with millions of users
Experience mentoring junior ICs and leading technical projects involving multiple engineers and spanning multiple quarters
Experience designing and building software for customers (internal or external) beyond your immediate team
Build and operate AI-powered fraud/abuse detection systems defending Replit's platform from phishing, cryptomining, account takeover, and LLM abuse. Requires 8+ years in security/anti-abuse, Python/TypeScript, SQL at scale, and ML/LLM classifier experience.
250k – 315k/yr
Hybrid8+ YOESecurity Engineering
Staff Software Engineer, Risk
ReplitFoster City, CA
Build and operate AI-powered abuse detection systems that defend Replit's platform from phishing, cryptomining, LLM token farming, and other attacks. Own end-to-end detection, investigation, and automated response across millions of daily actions.
250k – 315k/yr
Hybrid8+ YOESecurity Engineering
Staff Software Engineer, Trust & Safety
ReplitFoster City, CA
Build and operate AI-powered abuse detection systems at Replit to combat phishing, cryptomining, prompt injection, and other platform abuse at scale. Requires 8+ years in security/anti-abuse and strong Python/TypeScript + SQL skills.
250k – 315k/yr
Hybrid8+ YOESecurity Engineering
Staff Incident Responder
FluidstackSan Francisco, CA +1
Senior-most incident commander building and operating Fluidstack's Detection & Response Engineering program. Defines runbooks, leads material incidents across IT/OT/physical surfaces, and sets standards for agent-first IR at scale.
250k – 350k/yr
On-siteSecurity Engineering
Staff Product Security Engineer
CrusoeSan Francisco, CA
Leads advanced penetration testing, red team operations, and AI/ML security research to secure applications, infrastructure, and distributed AI systems including LLMs and Kubernetes environments. Requires 8-10 years offensive security experience and strong software engineering in Go/Python/Rust.