Replit

IT

Security Engineer - Vuln Management (Infra)

$210–270k · Foster City, California, United States · Full Time · Remote Friendly
The Brief

“Security Engineer - Vuln Management (Infra) at Replit. Skills: Cloud Security, DevSecOps, IaC Security, Vulnerability Management. Perform continuous security scanning. Review, validate, and prioritize flaws”

What You'll Achieve.

Satisfy strict regulatory compliance frameworks; prevent data leakage; maintain hardened baselines; identify architectural risks before they are deployed; build automated base-image patching and rolling upgrade pipelines; maintain audit-ready evidence; visualize infrastructure risk trends and cloud compliance posture; resolve security flaws; contain threats

Industry & Context.

IT
Problems you'll solve

Problem-Solving Mindset; breaking down complex security challenges into elegant, scalable engineering solutions

Eligibility Requirements

In-office requirement of Monday, Wednesday, and Friday

What They're Looking For.

Must Have

5 years of experience in Cloud Security, DevSecOps, or Systems Engineering roles, foundational experience working with multi-cloud environments, Hands-on experience operating modern infrastructure security platforms, proficiency with Infrastructure as Code platforms, GitOps deployment workflows, Deep understanding of Docker/container security, Kubernetes architectures, runtime security, network policies, workload identity, Understanding of how infrastructure configurations and vulnerability management map to security compliance frameworks

Nice to Have

Deep GCP expertise preferred, working knowledge of AWS or Azure, Wiz, Orca, Prisma Cloud, Lacework, or cloud-native options (GCP Security Command Center), Terraform, Pulumi, Checkov, Tfsec, or KICS, GKE, EKS, SOC 2, ISO 27001, PCI-DSS, CIS Benchmarks, NIST

What You'll Do.

Perform continuous security scanning

Own and optimize CSPM

and embed automated IaC scanning tools

Manage continuous vulnerability scanning lifecycle

and manage infrastructure vulnerabilities

Escalate and report critical production exposures

Partner with teams to provide mitigation paths

Assist Incident Response teams

How You'll Work.

Team & Collaboration

bridge the gap between security, compliance, DevOps, and Platform engineering teams; partnering with SRE and Platform teams; Remediation Collaboration: Partner with SRE, DevOps, and Platform teams; Assist in writing, reviewing, or modifying cloud configuration templates; Assist Incident Response teams

Communication Scope

Executive Reporting & Alerting; Escalate and report critical production exposures directly to the CISO and senior leadership; Maintain dashboards and alerting mechanisms


How to Apply on Ashby

  • Ashby is a fast modern ATS — most applications take under 3 minutes.
  • The resume parser is strong; verify parsed experience dates and job titles.
  • Custom screening questions are often scored algorithmically — answer completely.
  • Location field affects geo-based screening; use your actual metro area.
