Security Engineer - Vuln Management (Infra)
Replit is the agentic software creation platform that enables anyone to build applications using natural language. With millions of users worldwide, Replit is democratizing software development by removing traditional barriers to application creation.About the RoleWe are seeking a mid-level Infrastructure Vulnerability Management Engineer with a strong background in Cloud Security, DevSecOps, and Infrastructure-as-Code (IaC). In this role, you will bridge the gap between security, compliance, DevOps, and Platform engineering teams. You will identify infrastructure misconfigurations, secure multi-cloud environments, and manage continuous vulnerability lifecycles across cloud workloads, containers, and data repositories to satisfy strict regulatory compliance frameworks. You will also serve as a technical infrastructure responder during security incidents, deploying real-time cloud or network countermeasures to protect our production ecosystem.What You'll DoCore ResponsibilitiesInfrastructure Scanning & Triage: Perform continuous security scanning across our cloud posture and workloads. Review, validate, and prioritize flaws and misconfigurations based on CVSS scores, real-world exploitability, and infrastructure network exposure.Posture Management & Visibility: Own and optimize Cloud Security Posture Management (CSPM), Kubernetes Security Posture Management (KSPM), and Data Security Posture Management (DSPM) tools to ensure uniform compliance, prevent data leakage, and maintain hardened baselines.Infrastructure-as-Code (IaC) Security: Configure, tune, and embed automated IaC security scanning tools into CI/CD pipelines to identify architectural risks (e.g., overly permissive IAM, public S3 buckets/Cloud Storage) before they are deployed to production.Workload & Container Security: Manage the continuous vulnerability scanning lifecycle for container images, registries, and Virtual Machines (VMs), partnering with SRE and Platform teams to build automated base-image patching and rolling upgrade pipelines.Compliance-Driven Tracking: Track, document, and manage infrastructure vulnerabilities according to strict compliance SLAs (e.g., SOC 2, ISO 27001, PCI-DSS). Maintain audit-ready evidence of infrastructure remediation timelines and exception approvals.Executive Reporting & Alerting: Escalate and report critical production exposures directly to the CISO and senior leadership. Maintain dashboards and alerting mechanisms that visualize infrastructure risk trends and cloud compliance posture.Remediation Collaboration: Partner with SRE, DevOps, and Platform teams to provide clear infrastructure mitigation paths. Assist in writing, reviewing, or modifying cloud configuration templates directly when necessary to resolve security flaws.Incident Response Support: Assist Incident Response teams during active cloud or host-level breaches. Help develop and implement immediate, real-time cloud, network, or IAM configuration countermeasures to contain threats.Required Skills & ExperienceExperience: 5 years of experience in Cloud Security, DevSecOps, or Systems Engineering roles.Cloud Infrastructure Depth: Strong foundational experience working with multi-cloud environments (Deep GCP expertise preferred, with working knowledge of AWS or Azure).Posture Management & Scanning Tooling: Hands-on experience operating modern infrastructure security platforms such as Wiz, Orca, Prisma Cloud, Lacework, or cloud-native options (GCP Security Command Center).IaC and Automation Fluency: Strong proficiency with Infrastructure as Code platforms (Terraform, Pulumi) and GitOps deployment workflows. Ability to evaluate and configure IaC scanners like Checkov, Tfsec, or KICS.Containerization & Orchestration: Deep understanding of Docker/container security and Kubernetes architectures (e.g., GKE, EKS), including runtime security, network policies, and workload identity.Compliance Awareness: Understanding of how infrastructure configurations and vulnerability management map to security compliance frameworks like SOC 2, ISO 27001, CIS Benchmarks, or NIST.What We ValueSystems Thinking: The ability to see the "big picture" and understand how security decisions impact the entire stack.Technical Influence: The ability to drive technical alignment across the organization through expertise and collaboration rather than direct authority.Autonomy: Comfortable leading major technical initiatives and driving outcomes with minimal oversight.Problem-Solving Mindset: A passion for breaking down complex security challenges into elegant, scalable engineering solutions.This is a full-time role that can be held from our Foster City, CA office. The role has an in-office requirement of Monday, Wednesday, and Friday. Full-Time Employee Benefits Include:💰 Competitive Salary & Equity💹 401(k) Program with a 4% match (US Only)⚕️ Health, Dental, Vision and Life Insurance🩼 Short Term and Long Term Disability🚼 Paid Parental, Medical, Caregiver Leave🏝 Flexible Time Off (FTO) + Holidays🚗 Commuter Benefits (In-Office Only)📱 Monthly Wellness Stipend🧑💻 Autonomous Work Environment🖥 In Office Set-Up Reimbursement (In-Office Only)🚀 Quarterly Team Gatherings☕ In Office Amenities (In-Office Only)Want to learn more about what we are up to?Meet the Replit AgentReplit: Make an app for thatReplit BlogAmjad TED TalkInterviewing + Culture at ReplitOperating PrinciplesReasons not to work at ReplitTo achieve our mission of making programming more accessible around the world, we need our team to be representative of the world. We welcome your unique perspective and experiences in shaping this product. We encourage people from all kinds of backgrounds to apply, including and especially candidates from underrepresented and non-traditional backgrounds.
Recommended Jobs
RCFE Administrator
Job Description Job Description Now Hiring – RCFE Administrator (Part-Time) Great Golden Senior Living is currently seeking a qualified RCFE Administrator to join our team. Position: RCF…
Travel Radiology Radiation Therapy Tech Job
Job Overview TLC Nursing Associates, Inc. is seeking a skilled Radiation Therapy Technologist to deliver precise radiation treatments, ensure patient safety, and provide compassionate care. Th…
Travel Radiology Tech CT Tech Job
Job Description Are you a skilled Radiology Tech seeking a thrilling opportunity in the vibrant city of Modesto, California? TLC Nursing has a captivating 13-week travel healthcare assignment just …
Customer Service Engineer
Job Description Job Description Company Description Worldwide TechServices is a global leader in delivering technology services and solutions to the world’s most demanding clients. Headquart…
Senior Electrical Engineer
Job Description Job Description About Ceribell Ceribell is a medical technology company focused on transforming the diagnosis and management of patients with serious neurological conditions. T…
Certified Rehabilitation Veterinarian
Certified Rehabilitation Veterinarian – SAGE Redwood City SAGE Redwood City is seeking a Certified Rehabilitation Veterinarian to lead and grow our Rehabilitation Service. Our current rehab doc…
Travel Radiation Therapist
Job Description Job Description Position Details Specialty: Radiation Therapist Location: Los Angeles, California Employment Type: Travel/Contract Pay: $2653 - $2792 per week …
Host
Company Description We are looking for a Host to join the re-opening of the famed Delano Miami Beach. Set to open its doors in early 2026, Delano Miami Beach will fuse historic charm with contempora…
Assistant Community Manager - Downtown, Los Angeles
ABOUT GREYSTAR Greystar is a leading, fully integrated global real estate platform offering expertise in property management, investment management, development, and construction services in ins…