Skip to content
ReplitReplitFoster City, CA

Product Security Architect

Defines and implements secure architecture for multi-tenant SaaS platform, leads threat modeling, mentors engineering teams on security best practices, and conducts code reviews. Requires 8+ years in product security with expertise in auth protocols and SaaS security.

250k – 380k/yr
Hybrid8+ YOESecurity Engineering

About the role

What You'll Do

Product Security Strategy & Mentorship

  • Serve as the primary security mentor and subject matter expert for engineering teams, fostering a culture of technical excellence and rigorous security design.
  • Define the product security vision, ensuring consistency across complex application architecture projects.
  • Lead the security implementation of new product features from initial design to final production deployment.
  • Conduct proactive threat modeling for new product features and major architectural changes.
  • Define and enforce best practices around application security, including audit/application logging, configuration, tenant separation, encryption, customer BYOK, RBAC design, API design, and Session/cookie/token management.
  • Define and implement secure Authentication/Authorization protocols (mTLS/OIDC/OAuth/SAML) for multi-tenant SaaS products.
  • Assess and mitigate risks associated with application third-party integrations such as payment, AI models, code repositories, etc.
  • Apply a strong programming background (Python/Go/JavaScript) to perform hands-on code reviews when needed to validate security controls.

Risk Management & Cross-Functional Enablement

  • Define and maintain (document) the authoritative "Source of Truth" for Replit’s secure architecture, ensuring these patterns are consistently adopted across all engineering teams.
  • Actively identify, document, and quantify architectural security risks. Responsible for ensuring these are accurately reflected in the Cybersecurity Risk Register.
  • Support other security teams like GRC, Pentesting, Vulnerability Management, and PSIRT.
  • Partner with GRC teams to translate complex architectural designs into clear, audit-ready documentation and control frameworks.
  • Act as the technical bridge for the Sales team, addressing complex security inquiries from enterprise customers regarding Replit's architectural integrity.

Required Skills & Experience

  • 8+ years of experience in product security engineering or architecture, specifically with Multi-tenant SaaS products.
  • Experience with AI Agent-based SaaS products is a plus.
  • Deep expertise in common product security practices (e.g., tenant separation, RBAC, BYOK, secure API design, session/token management).
  • Expertise in Authentication/Authorization protocols (mTLS/OIDC/OAuth/SAML) in a multi-tenant SaaS environment.
  • Strong programming background (Python/Go/JavaScript) with proven ability to conduct code review.
  • Experience writing and maintaining Architecture documents.
  • Exceptional ability to communicate technical risk to both engineering and executive audiences.
  • Strong track record of contributing to Cybersecurity Risk Register.

What We Value

  • Systems Thinking: The ability to see the "big picture" and understand how security decisions impact the entire stack.
  • Technical Influence: The ability to drive technical alignment across the organization through expertise and collaboration rather than direct authority.
  • Autonomy: Comfortable leading major technical initiatives and driving outcomes with minimal oversight.
  • Problem-Solving Mindset: A passion for breaking down complex security challenges into elegant, scalable engineering solutions.

Skills

PythonGoJavaScriptOAuthOIDCSAMLMtlsRBACThreat ModelingTenant SeparationByokAPI DesignMulti-Tenant Saas
Abridge

Senior Manager, Enterprise Security

AbridgeSan Francisco, CA

Lead the strategy, roadmap, and team for enterprise security at a healthcare AI company. Own IAM/Zero Trust, endpoint protection, SaaS security, automation, and secure AI adoption while partnering cross-functionally in a 0-to-1 greenfield environment.

240k – 299k/yr
Hybrid8+ YOESecurity Engineering
Cognition

Security Engineer

CognitionSan Francisco, CA

Security Engineer responsible for securing AI agent execution, infrastructure, and product surfaces at an applied AI lab building Devin and Windsurf. Requires deep security engineering, software engineering fundamentals, and cloud/web security expertise.

260k – 300k/yr
On-site7+ YOESecurity Engineering
Material Security

Sr. Manager, Security Engineering

Material SecuritySan Francisco, CA

Lead the Security Engineering team responsible for defending the organization and product infrastructure. Manage Application, Infrastructure, and Corporate security while staying hands-on with alert triage, detection, and architectural design.

240k – 280k/yr
Remote7+ YOESecurity Engineering
Hinge Health

Lead Security Engineer

Hinge HealthSan Francisco, CA

Leads security for AI-assisted development, cloud infrastructure (AWS), and IAM in healthcare platform. Requires 7+ years cybersecurity, 5+ years AWS, coding experience, and AI/ML security expertise.

239k – 263k/yr
Hybrid7+ YOESecurity Engineering
OpenAI

Systems Software Engineer, Security, First Party Hardware

OpenAISan Francisco, CA

Security Engineer owning end-to-end hardware, firmware, and system security for OpenAI's first-party AI accelerators and servers. Requires 7+ years in hardware/embedded security and strong systems programming skills.

266k – 445k/yr
Hybrid7+ YOESecurity Engineering