ARCHIVED
This job listing has been archived and is no longer accepting applications.
MisuJob - AI Job Search Platform MisuJob
Login Sign Up

Offensive Security Engineer

Replit

Foster City, California, USA Remote permanent

Posted: March 10, 2026

Interested in this position?

Create a free account to apply with AI-powered matching

Register to Apply

Quick Summary

A senior-level Offensive Security Engineer is needed to lead advanced offensive security pe at Replit, where you'll develop and execute high-impact security solutions, ensuring the integrity of the code that powers millions of environments.

Required Skills

Offensive Security Penetration Testing Red Team Purple Team AI Systems LLM Prompt-injection Protection Vulnerability Research Cross-Chain Protocols Tool Development Whitebox Testing Data Leakage

Job Description

Replit is the agentic software creation platform that enables anyone to build applications using natural language. With millions of users worldwide, Replit is democratizing software development by removing traditional barriers to application creation.

About the role

We are looking for a senior-level Offensive Security Engineer to serve as a high-impact "adversary-in-residence" for Replit’s cloud-native platform. At Replit, security isn't just about perimeter defense; it’s about the integrity of the code that powers millions of environments.

In this role, you will lead advanced "whitebox" penetration testing engagements—diving deep into our source code to identify systemic weaknesses, logic flaws, and architectural gaps. You will simulate sophisticated adversary tactics across our web applications, APIs, and containerized infrastructure, ensuring that our AI-integrated development environment remains the most secure place for the world’s software to live.

What You'll Do

• Lead Whitebox Penetration Testing: Execute end-to-end testing with full access to source code. You will perform manual code-level inspections to uncover complex logic flaws and authorization bypasses that automated tools miss.

• Simulate Adversarial Attacks: Conduct Red and Purple team engagements across our cloud-native stack (K8s, Docker), simulating how a sophisticated actor might move from a code-level exploit to infrastructure-wide impact.

• Secure AI-Enabled Systems: Perform offensive testing on LLM-backed applications and agentic AI workflows, focusing on prompt injection, data leakage, and abuse of AI-driven components.

• Vulnerability Research & Chaining: Identify, exploit, and demonstrate realistic business risk by chaining vulnerabilities—from the application layer down through our internal trust boundaries.

• Build Offensive Tooling: Contribute to internal security frameworks and build AI-assisted testing tools to automate the discovery of common bug classes while maintaining deep manual testing depth.

• Partner with Engineering: Work closely with product teams and security architects to explain root causes, influence design guardrails, and triage high-priority findings from our Bug Bounty (HackerOne) program.

Required Skills & Experience

• Experience: 7+ years of hands-on experience in penetration testing, offensive security, or vulnerability research.

• Code Fluency: You are a practitioner of whitebox testing. You can navigate large codebases and have a deep understanding of modern application architectures and secure coding pitfalls.

• Cloud-Native Context: You are comfortable in a cloud-native environment. While your focus is the code, you understand how it interacts with Kubernetes, Docker, and hybrid cloud infrastructure.

• Engineering Skills: Strong proficiency in Go, Python, or TypeScript. You should be capable of writing custom scripts, payloads, and proof-of-concept exploits.

• Adversarial Mindset: You enjoy the "hunt" and have a proven track record of manual exploitation beyond automated scanners.

• Communicator: You can translate a complex code-level exploit into a clear narrative that helps engineering teams understand risk and prioritize fixes.

Bonus Qualifications

• Public recognition on platforms like HackerOne or Bugcrowd.

• Experience building or extending AI-based security testing tools.

• Background in incident response or detection engineering from the defensive side.

Published CVEs or security research in the cloud-native or AI space.

This is a full-time role that can be held from our Foster City, CA office. The role has an in-office requirement of Monday, Wednesday, and Friday.

Full-Time Employee Benefits Include:

💰 Competitive Salary & Equity

💹 401(k) Program with a 4% match

⚕️ Health, Dental, Vision and Life Insurance

🩼 Short Term and Long Term Disability

🚼 Paid Parental, Medical, Caregiver Leave

🚗 Commuter Benefits

📱 Monthly Wellness Stipend

🧑‍💻 Autonomous Work Environment

🖥 In Office Set-Up Reimbursement

🏝 Flexible Time Off (FTO) + Holidays

🚀 Quarterly Team Gatherings

☕ In Office Amenities

Want to learn more about what we are up to?

• Meet the Replit Agent

• Replit: Make an app for that

• Replit Blog

• Amjad TED Talk

Interviewing + Culture at Replit

• Operating Principles

• Reasons not to work at Replit

To achieve our mission of making programming more accessible around the world, we need our team to be representative of the world. We welcome your unique perspective and experiences in shaping this product. We encourage people from all kinds of backgrounds to apply, including and especially candidates from underrepresented and non-traditional backgrounds.

Why Apply Through MisuJob?

AI-Powered Job Matching: MisuJob uses advanced artificial intelligence to analyze your skills, experience, and career goals. Our matching algorithm compares your profile against thousands of job requirements to find positions where you have the highest chance of success. This saves you hours of manual job searching and ensures you only see relevant opportunities.

One-Click Applications: Once you create your profile, applying to jobs is effortless. Your resume and cover letter are automatically tailored to highlight the most relevant experience for each position. You can apply to multiple jobs in minutes, not hours.

Career Intelligence: Beyond job matching, MisuJob provides valuable career insights. See how your skills compare to market demands, identify skill gaps to address, and understand salary benchmarks for your experience level. Make data-driven decisions about your career path.

Frequently Asked Questions

How do I apply for this position?

Click the "Register to Apply" button above to create a free MisuJob account. Once registered, you can apply with one click and track your application status in your dashboard.

Is MisuJob free for job seekers?

Yes, MisuJob is completely free for job seekers. Create your profile, get matched with jobs, and apply without any cost. We help you find your dream job without any hidden fees.

How does AI matching work?

Our AI analyzes your resume, skills, and experience to understand your professional profile. It then compares this against job requirements using natural language processing to calculate a match percentage. Higher matches mean better fit for the role.

Can I apply to jobs in other countries?

Absolutely. MisuJob features jobs from companies worldwide, including remote positions. Filter by location or look for remote opportunities to find jobs that match your preferences.

Ready to Apply?

Join thousands of job seekers using MisuJob's AI to find and apply to their dream jobs automatically.

Create Free Account Sign In
← Browse all jobs
Register to Apply