We’re on a mission to make programming more accessible by building the best, simplest, and fastest coding environment. Replit is a place to not only learn and practice programming but also to collaborate and ship applications.

At Replit, we give people computing superpowers. Most people use these superpowers for good. A small number use them to attack Replit itself or other community members. If we can prevent or automatically detect most abuse, we can maintain the most open compute platform on the internet and teach millions of people to code. Security is a key competitive advantage for us — this is an opportunity to have meaningful impact to our mission.

Roles & Responsibilities:

Be the founding security engineer at Replit

Create proof-of-concept attacks on Replit Infrastructure

We are particularly interested in wide-scale attacks that can be launched from Replit itself

Mitigate those attacks

Describe and implement best practices to guard against attacks

Develop monitoring to detect abuse

Key Qualifications:

Experience penetrating and/or defending internet services

The ability to write clear steps to reproduce an attack

A keen eye for unintended consequences and emergent behavior

Bonus Points:

Experience attacking or defending Platform/Infrastructure/Runtime as a Service

Job Location:

Global (overlap 4 hours with US Pacific Time)