Replit is the agentic software creation platform that enables anyone to build applications using natural language. With millions of users worldwide and over 500,000 business users, Replit is democratizing software development by removing traditional barriers to application creation.

Join us at the forefront of AI and cloud-native security as we work to secure one of the most innovative developer platforms in the world. As the Cloud Security Lead, you will shape the cloud and infrastructure security program that protects millions of developers, enables safe AI-assisted development, and ensures organizations can confidently bring our platform into enterprise environments.

In this role, you will own cloud security across GCP (primary) and supplemental environments in AWS and Azure, as well as containerized systems, SaaS platforms, and our multi-tenant AI infrastructure. You’ll improve our security posture through strong architecture, posture management, secure-by-default development practices, and close partnership with Engineering, Compliance, Security Architecture, and Platform teams.

This is a highly impactful, hands-on leadership role—perfect for someone who wants to solve complex security challenges at scale while influencing product, engineering, and go-to-market teams.

What You’ll Do:

Cloud Security Engineering

• Lead configuration hardening across GCP, with additional oversight of workloads and integrations running in AWS and Azure.

• Own and optimize CSPM platforms across multi-cloud environments—establishing configuration baselines, guardrails, and remediation workflows.

• Secure critical SaaS platforms, ensuring proper configurations, access controls, and engineering integrations.

• Lead infrastructure vulnerability management across multi-cloud systems, containers, registries, and platform services.

• Enhance security across containerized and Kubernetes (GKE/EKS/AKS) workloads, including runtime protections, network policies, and workload identity.

• Assess secure logging configurations across cloud/SaaS providers, ensuring audit logs, retention, and routing meet monitoring and architecture needs.
  

Secure Development & Architecture Enablement

• Partner with engineering teams to make services secure by default, embedding security into development workflows, CI/CD pipelines, and cloud-native deployments.
  

Cross-Functional Responsibilities

• Collaborate with Security Monitoring, Compliance/GRC, Architecture, DevOps, Platform Engineering, and ML Infrastructure.

• Participate in communicating security advisories, best practices, and updates to Replit’s customers.

• Support incident investigations as a cloud security subject-matter expert.

Required Skills & Experience:

• 7+ years of experience in cloud engineering, with 3+ years in a senior or lead role.

• Hands-on experience with CSPM tools (Wiz, Lacework, Prisma, Orca, SCC, etc.).

• Deep expertise in GCP security (IAM, VPC, KMS, GKE, Cloud Logging).

• Experience securing and governing SaaS platforms and identity integrations.

• Operational experience with infrastructure vulnerability management across cloud and container environments.

• Working knowledge of AWS and/or Azure security services and configurations.

• Experience with container and Kubernetes security across GKE, EKS, or AKS.

• Strong IaC security experience with Terraform, Pulumi, or similar tooling.

• Familiarity with compliance standards (SOC 2, ISO 27001, PCI DSS).

Preferred Qualifications:

• Experience supporting engineering teams in building secure-first, cloud-native or PaaS environments.

• Background securing AI/ML pipelines, model-serving infrastructure, or developer platform services.

• Experience in high-growth technology or cloud-native product companies.

• Experience with securing AI/agentic systems and sensitive data pipelines.

• Automation/scripting with Python.

• Relevant certifications (e.g., GCP Professional Cloud Security Engineer, AWS/Azure security certs).

What We Value:

• Problem-solving mindset — Ability to break down complex security and operational challenges into clear engineering solutions.

• Autonomy — Comfortable leading initiatives, collaborating effectively, and driving outcomes with minimal oversight.

• Communication excellence — Able to translate deep technical concepts for engineers, executives, and enterprise customers.

• Continuous learning — Passion for staying current with AI security, cloud-native advances, and emerging threats.

• Automation-first approach — Belief in reducing operational toil and building scalable, self-healing systems.

This is a full-time role that can be held from our Foster City, CA office. The role has an in-office requirement of Monday, Wednesday, and Friday.

Full-Time Employee Benefits Include:

💰 Competitive Salary & Equity

💹 401(k) Program

⚕️ Health, Dental, Vision and Life Insurance

🩼 Short Term and Long Term Disability

🚼 Paid Parental, Medical, Caregiver Leave

🚗 Commuter Benefits

📱 Monthly Wellness Stipend

🧑‍💻 Autonoumous Work Environement

🖥 In Office Set-Up Reimbursement

🏝 Flexible Time Off (FTO) + Holidays

🚀 Quarterly Team Gatherings

☕ In Office Amenities

Want to learn more about what we are up to?

• Meet the Replit Agent

• Replit: Make an app for that

• Replit Blog

• Amjad TED Talk

Interviewing + Culture at Replit

• Operating Principles

• Reasons not to work at Replit

To achieve our mission of making programming more accessible around the world, we need our team to be representative of the world. We welcome your unique perspective and experiences in shaping this product. We encourage people from all kinds of backgrounds to apply, including and especially candidates from underrepresented and non-traditional backgrounds.

Compensation Range: $220K - $325K