Senior Software Engineer, Anti-Abuse & Security

Replit3 months ago

Location

Foster City, CA (Hybrid) In office M,W,F

Type

Full Time

Salary

USD 190,000 – 240,000

Level

Senior

Role

Security Engineer

Posted

Jan 12, 2026

Full TimeSenior

The role

Summary

Replit is seeking a Senior Software Engineer for their Anti-Abuse & Security team to defend their AI-native platform from exploitation and build cutting-edge detection systems. This role involves working on unique challenges like AI-generated code security, prompt injection detection, and using LLMs as defensive tools in a hybrid environment at Foster City, CA.

What you'll do

LLM Guardrails Development: Design and implement LLM guardrails that detect abuse scenarios in AI-generated code and agent interactions

AI-Powered Detection Systems: Build AI-powered detection systems that use LLMs to identify malicious patterns, classify threats, and automate response decisions

Multi-Vector Abuse Detection: Build and operate abuse detection systems that identify phishing, cryptomining, account takeover, and financial fraud across millions of daily user actions

Automated Response Design: Design automated response mechanisms that enforce platform policies without manual intervention

End-to-End Abuse Response: Own the full abuse response lifecycle: detection, investigation, enforcement, and handling appeals alongside Support and Legal

Attack Pattern Analysis: Analyze attack patterns using BigQuery and Hex, turning investigation findings into new detection rules

Detection Tool Maintenance: Maintain and extend internal detection tools (Slurper, Netwatch) that continuously monitor user activity

Security Scanner Integration: Integrate and tune security scanners (SAST, SCA) in CI pipelines with tight performance SLAs

Trend Monitoring and Adaptation: Track abuse trends, measure detection effectiveness, and adapt defenses as attack patterns evolve

What we look for

Technical

Security Engineering Experience4+ years of experience in security engineering, anti-abuse, trust & safety, or fraud detection

Programming ProficiencyStrong programming skills in Python and/or TypeScript for building detection systems and automation

Large-Scale Data AnalysisExperience with SQL and data analysis at scale (BigQuery, Snowflake, or similar)

ML/LLM ClassificationExperience building or fine-tuning ML/LLM-based classifiers for security or abuse detection

LLM Security KnowledgeFamiliarity with prompt injection, jailbreaking, and other LLM-specific attack vectors

Investigation and AutomationAbility to investigate complex abuse patterns and translate findings into automated defenses

Attack Pattern RecognitionFamiliarity with common attack patterns: phishing infrastructure, account takeover, credential stuffing, resource abuse

Experience

Security Engineering4+ years of hands-on experience in security engineering, anti-abuse, trust & safety, or fraud detection roles

Cross-Team CollaborationClear communication skills for working across Security, Support, Legal, and Engineering teams

Skills

Required skills

Python ProgrammingAdvanced proficiency in Python for building detection systems and automation tools

TypeScript DevelopmentStrong TypeScript skills for full-stack detection system development

SQL and Data AnalysisExpert-level SQL skills and experience with large-scale data analysis platforms

Machine LearningHands-on experience building and fine-tuning ML/LLM-based classifiers for security applications

LLM SecurityDeep understanding of prompt injection, jailbreaking, and LLM-specific attack vectors

Threat InvestigationAdvanced skills in investigating complex abuse patterns and translating findings into automated defenses

Attack Pattern RecognitionComprehensive knowledge of phishing infrastructure, account takeover, credential stuffing, and resource abuse

Nice to have

Platform Security ExperienceExperience at platform companies dealing with user-generated content or compute abuse

Fraud Detection BackgroundBackground in fraud detection, payment abuse, or financial crime

Device FingerprintingFamiliarity with device fingerprinting, IP reputation, and email validation services

CI/CD Security ToolsExperience with CI/CD security tooling (SAST, SCA, Dependabot, Snyk)

Infrastructure SecurityKnowledge of container security, Linux internals, or cloud infrastructure (GCP preferred)

Trust & Safety SystemsPrior work with abuse reporting pipelines, trust & safety tooling, or content moderation systems

Compensation & benefits

Salary

USD 190,000 – 240,000 (annual)

Stock options

Available

Benefits

Competitive Salary & Equity

Competitive compensation package including equity ownership

401(k) Program

Retirement savings plan with 4% company match

Health Insurance

Comprehensive health, dental, vision and life insurance coverage

Disability Insurance

Short-term and long-term disability coverage

Parental Leave

Paid parental, medical, and caregiver leave

Commuter Benefits

Transportation assistance and commuter support

Wellness Stipend

Monthly wellness allowance for health and fitness

Autonomous Work Environment

Flexible work arrangements and autonomy

Office Setup Reimbursement

In-office setup reimbursement for equipment and workspace

Flexible Time Off

Flexible Time Off (FTO) policy plus holidays

Team Gatherings

Quarterly team gatherings and events

Office Amenities

In-office amenities and facilities

Interview process

1
Initial Screening — Phone or video call to discuss background, experience, and interest in the role
2
Technical Interview — Deep dive into security engineering experience, detection system design, and problem-solving approach
3
System Design Interview — Design an anti-abuse detection system or LLM security guardrails architecture
4
Case Study Discussion — Analysis of real-world abuse scenarios and discussion of investigation and mitigation strategies
5
Final Interview — Cultural fit assessment and discussion with team members about collaboration and communication skills