Security Engineer at Replit

We're on a mission to make programming more accessible by building the best, simplest, and fastest coding environment. Replit is a place to not only learn and practice programming but also to collaborate and ship applications.

At Replit, we give people computing superpowers. Most people use these superpowers for good. A small number use them to attack Replit itself or other community members. If we can prevent or automatically detect most abuse, we can maintain the most open compute platform on the internet and teach millions of people to code. Security is a key competitive advantage for us -- this is an opportunity to have meaningful impact to our mission.

Roles & Responsibilities:

Be the founding security engineer at Replit Create proof-of-concept attacks on Replit Infrastructure We are particularly interested in wide-scale attacks that can be launched from Replit itself Mitigate those attacks Describe and implement best practices to guard against attacks Develop monitoring to detect abuse

Key Qualifications: Experience penetrating and/or defending internet services The ability to write clear steps to reproduce an attack A keen eye for unintended consequences and emergent behavior

Bonus Points: Experience attacking or defending Platform/Infrastructure/Runtime as a Service

Job Location: Global (overlap 4 hours with US Pacific Time)

We're building a first of its kind developer platform that can be used to learn and practice programming, build and deploy applications, and share and discuss with a community of peers. We realize this is an ambitious plan, but we think it's high time someone built this. There is no good reason for the insane fragmentation in programming tools today -- someone learning to code needs to learn at least ten disjointed tools and platforms to do anything interesting with programming.