Posted Apr 20
Product Security Engineer (PSIRT - Product Security Incident Response Team)
at Replit
Foster City, United States
Remote
Responsibilities
- REMEDIATION COORDINATION & SLA MANAGEMENT
  - Work with Engineering, SecOps, IT, SRE, and Cloud Security to confirm product impact and drive remediation.
  - Provide detailed reproduction steps, proof-of-concepts, and technical analyses.
  - Track SLAs, remediation progress, regression testing, and systemic improvements.
  - Support SOC 2, ISO 27001, and pentest evidence needs as part of vulnerability lifecycle governance.
Requirements
- ABOUT THE ROLE
  - We are looking for a highly skilled PSIRT Engineer to lead the vulnerability response program for Replit’s cloud-native AI platform.
- This role requires strong technical ability to reproduce vulnerabilities, deep understanding of web/app/cloud exploit classes, and
- Experience running or triaging for bug bounty programs (HackerOne ideally).
- Strong ability to triage, validate, and reproduce vulnerabilities independently.
- Deep understanding of web/app/cloud vulnerability classes, OWASP Top 10, misconfigurations, authN/Z issues, etc.
- Familiarity with cloud platforms (GCP preferred) and SaaS architectures.
- Strong understanding of CI/CD workflows, code structure, and software engineering fundamentals.
- experience (Python, Go, Bash).
- Pentesting background or exposure to offensive security work.
- Familiarity with compliance frameworks such as SOC 2 and ISO 27001.
- Experience authoring public advisories or CVE writeups.
- Hands-on experience with SIEM, Cloud Logging, and investigative tooling.
Benefits
- experience operating bug bounty and coordinated disclosure programs.
- BUG BOUNTY & VULNERABILITY DISCLOSURE PROGRAM MANAGEMENT
  - Design and evolve the bug bounty program, including scope, rules, and reward structures.
  - Manage platform selection, private vs. public launches, and community engagement.
  - Communicate clearly with researchers, provide clarifications, and handle feedback or disputes.
  - Determine reward payouts, bonus decisions, and recognition for top contributors.
- Benefits Include:
  - 💰 Competitive Salary & Equity
  - 💹 401(k) Program with a 4% match (US Only)
  - ⚕️ Health, Dental, Vision and Life Insurance
  - 🩼 Short Term and Long Term Disability
  - 🚼 Paid Parental, Medical, Caregiver Leave
  - 🏝 Flexible Time Off (FTO) + Holidays
  - 🚗 Commuter