Staff Software Engineer, Risk
Build and operate AI-powered abuse detection systems that defend Replit's platform from phishing, cryptomining, LLM token farming, and other attacks. Own end-to-end detection, investigation, and automated response across millions of daily actions.
Responsibilities
- Design and implement LLM guardrails that detect abuse scenarios in AI-generated code and agent interactions
- Build AI-powered detection systems that use LLMs to identify malicious patterns, classify threats, and automate response decisions
- Build and operate abuse detection systems that identify phishing, cryptomining, account takeover, and financial fraud across millions of daily user actions
- Design automated response mechanisms that enforce platform policies without manual intervention
- Own the full abuse response lifecycle: detection, investigation, enforcement, and handling appeals alongside Support and Legal
- Analyze attack patterns using BigQuery and Hex, turning investigation findings into new detection rules
- Maintain and extend internal detection tools (Slurper, Netwatch) that continuously monitor user activity
- Integrate and tune security scanners (SAST, SCA) in CI pipelines with tight performance SLAs
- Track abuse trends, measure detection effectiveness, and adapt defenses as attack patterns evolve
Requirements
- 8+ years of experience in security engineering, anti-abuse, trust & safety, or fraud detection
- Strong programming skills in Python and/or TypeScript for building detection systems and automation
- Experience with SQL and data analysis at scale (BigQuery, Snowflake, or similar)
- Experience building or fine-tuning ML/LLM-based classifiers for security or abuse detection
- Familiarity with prompt injection, jailbreaking, and other LLM-specific attack vectors
- Ability to investigate complex abuse patterns and translate findings into automated defenses
- Familiarity with common attack patterns: phishing infrastructure, account takeover, credential stuffing, resource abuse
- Clear communication skills for working across Security, Support, Legal, and Engineering teams
Nice to Have
- Experience at a platform company dealing with user-generated content or compute abuse (hosting providers, cloud platforms, developer tools)
- Background in fraud detection, payment abuse, or financial crime
- Familiarity with device fingerprinting, IP reputation, and email validation services
- Experience with CI/CD security tooling (SAST, SCA, Dependabot, Snyk)
- Knowledge of container security, Linux internals, or cloud infrastructure (GCP preferred)
- Prior work with abuse reporting pipelines, trust & safety tooling, or content moderation systems
Tools & Tech Stack
- Languages: Python, TypeScript, Go, SQL
- Data: BigQuery, Hex
- Detection tools: Slurper, Netwatch, Stytch (device fingerprint); ClearOut (email reputation)
- CI/CD Security: Dependabot, Snyk, SAST/SCA scanners
- Infrastructure: GCP, Kubernetes
Sr. Engineering Manager, Application Security
Senior Engineering Manager leading Application Security squad to build secure software by default through threat modeling, design reviews, vulnerability management, and developer tooling. Requires hands-on team leadership and expertise across the AppSec stack.
Senior Backend Engineer - Platform Security
Senior Backend Engineer focused on application security for Teleport's core product. Design and implement security controls in Go for distributed systems, collaborating with security researchers on vulnerabilities.
Senior/Staff Software Systems Engineer
Design and implement formal methods, tools, and processes to verify safety-critical software for autonomous vehicles. Requires 7+ years experience, advanced degree, and strong background in formal verification, Python, and C++.
Staff Application Security Engineer
Lead application security initiatives as a technical leader on a new security team. Drive threat modeling, secure SDLC, code reviews, vulnerability management, and AI security for a healthcare AI platform.