Replit, 13.05.2026

Product Security Architect

Full-time, Remote

Responsibilities

  • Serve as primary security mentor and subject matter expert for engineering teams
  • Define product security vision and ensure consistency across application architecture projects
  • Lead security implementation of new product features from design to production deployment
  • Conduct proactive threat modeling for new features and architectural changes
  • Define and enforce application security best practices including logging, configuration, tenant separation, encryption, BYOK, RBAC, API design, and session/token management
  • Define and implement secure authentication/authorization protocols (mTLS, OIDC, OAuth, SAML) for multi-tenant SaaS products
  • Assess and mitigate risks of third‑party integrations such as payment, AI models, and code repositories
  • Perform hands‑on code reviews using Python, Go, or JavaScript to validate security controls
  • Define and maintain the authoritative “Source of Truth” for Replit’s secure architecture
  • Identify, document, and quantify architectural security risks for the Cybersecurity Risk Register
  • Support GRC, Pentesting, Vulnerability Management, and PSIRT teams
  • Partner with GRC to produce audit‑ready documentation and control frameworks
  • Act as technical bridge for Sales, addressing enterprise security inquiries

Requirements

  • 8+ years of experience in product security engineering or architecture, preferably with multi‑tenant SaaS products
  • Deep expertise in product security practices such as tenant separation, RBAC, BYOK, secure API design, and session/token management
  • Strong knowledge of authentication/authorization protocols (mTLS, OIDC, OAuth, SAML) in multi‑tenant environments
  • Proven programming background in Python, Go, or JavaScript with ability to conduct code reviews
  • Experience writing and maintaining architecture documentation
  • Experience contributing to a cybersecurity risk register
  • Excellent communication skills for conveying technical risk to engineering and executive audiences

Conditions

  • Full‑time position based in Foster City, CA office
  • In‑office requirement on Monday, Wednesday, and Friday
  • Competitive salary and equity
  • 401(k) with 4% match
  • Health, dental, vision, and life insurance
  • Short‑term and long‑term disability
  • Paid parental, medical, and caregiver leave
  • Commuter benefits and in‑office setup reimbursement
  • Monthly wellness stipend
  • Flexible time off plus holidays
  • Quarterly team gatherings and office amenities