# Staff Software Engineer, Anti-Abuse & Security **Company:** [Replit](https://hotfix.jobs/companies/replit) **Location:** Foster City, CA **Salary:** $190K-$240K **Experience:** 8+ years **Skills:** Python, TypeScript, SQL, BigQuery, LLMs, Kubernetes, GCP, Snyk, Dependabot, Stytch **Posted:** 2026-04-23 > Staff engineer building AI-powered anti-abuse detection systems, LLM guardrails, and automated responses to phishing, cryptomining, and platform exploitation. Requires 8+ years in security engineering with Python/TypeScript and ML/LLM experience. ## Job Description ## Responsibilities - Design and implement LLM guardrails that detect abuse scenarios in AI-generated code and agent interactions - Build AI-powered detection systems that use LLMs to identify malicious patterns, classify threats, and automate response decisions - Build and operate abuse detection systems that identify phishing, cryptomining, account takeover, and financial fraud across millions of daily user actions - Design automated response mechanisms that enforce platform policies without manual intervention - Own the full abuse response lifecycle: detection, investigation, enforcement, and handling appeals alongside Support and Legal - Analyze attack patterns using BigQuery and Hex, turning investigation findings into new detection rules - Maintain and extend internal detection tools (Slurper, Netwatch) that continuously monitor user activity - Integrate and tune security scanners (SAST, SCA) in CI pipelines with tight performance SLAs - Track abuse trends, measure detection effectiveness, and adapt defenses as attack patterns evolve ## Required Skills and Experience - 8+ years of experience in security engineering, anti-abuse, trust & safety, or fraud detection - Strong programming skills in **Python** and/or **TypeScript** for building detection systems and automation - Experience with **SQL** and data analysis at scale (**BigQuery**, Snowflake, or similar) - Experience building or fine-tuning **ML/LLM**-based classifiers for security or abuse detection - Familiarity with prompt injection, jailbreaking, and other LLM-specific attack vectors - Ability to investigate complex abuse patterns and translate findings into automated defenses - Familiarity with common attack patterns: phishing infrastructure, account takeover, credential stuffing, resource abuse - Clear communication skills for working across Security, Support, Legal, and Engineering teams ## Nice to Have - Experience at a platform company dealing with user-generated content or compute abuse (hosting providers, cloud platforms, developer tools) - Background in fraud detection, payment abuse, or financial crime - Familiarity with device fingerprinting, IP reputation, and email validation services - Experience with CI/CD security tooling (**SAST**, **SCA**, **Dependabot**, **Snyk**) - Knowledge of container security, Linux internals, or cloud infrastructure (**GCP** preferred) - Prior work with abuse reporting pipelines, trust & safety tooling, or content moderation systems ## Tools + Tech Stack - Languages: **Python**, **TypeScript**, **Go**, **SQL** - Data: **BigQuery**, **Hex** - Detection tools: Slurper, Netwatch, **Stytch** (device fingerprint), ClearOut (email reputation) - CI/CD Security: **Dependabot**, **Snyk**, SAST/SCA scanners - Infrastructure: **GCP**, **Kubernetes** **Apply:** https://hotfix.jobs/jobs/staff-software-engineer-anti-abuse-security-at-replit-1fcb0c05-c653-435e-afc9-ba434b2ce4eb **Canonical:** https://hotfix.jobs/jobs/staff-software-engineer-anti-abuse-security-at-replit-1fcb0c05-c653-435e-afc9-ba434b2ce4eb