×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity AI Engineer

Security Engineer, Anti-Abuse

Job in Foster City, San Mateo County, California, 94420, USA
Listing for: Repl.it
Full Time position
Listed on 2026-01-16
Job specializations:
  • IT/Tech
    Cybersecurity, AI Engineer
Salary/Wage Range or Industry Benchmark: 192700 - 250000 USD Yearly USD 192700.00 250000.00 YEAR
Job Description & How to Apply Below

Location

Foster City, CA (Hybrid) In office M,W,F

Employment Type

Full time

Department

Engineering

Compensation
  • Compensation is determined based on career level, with the base salary for this role ranging from $192.7K – $250K
    • Offers Equity
    • Offers Bonus
    • Performance Based Bonus

Replit is the agentic software creation platform that enables anyone to build applications using natural language. With millions of users worldwide and over 500,000 business users, Replit is democratizing software development by removing traditional barriers to application creation.

About the role

The Anti-Abuse team is the front line defending Replit's platform from exploitation. We detect and shut down phishing deployments, prevent cryptomining on free‑tier infrastructure, stop LLM token farming, and keep bad actors from weaponizing the platform against our users. This is adversarial work: attackers adapt constantly, and we build the detection systems, heuristics, and automated responses that stay ahead of them.

What makes this role unique is the AI-native nature of Replit's platform. You'll work on problems that barely exist elsewhere: building guardrails for AI-generated code, detecting prompt injection attacks at scale, and using LLMs as a defensive tool against abuse. If you want hands‑on experience applying AI to security problems, this is one of the few places you can do it in production with real attackers.

You'll own problems end-to-end, from identifying emerging abuse patterns to shipping the systems that stop them at scale.

In this role you will…
  • Design and implement LLM guardrails that detect abuse scenarios in AI-generated code and agent interactions
  • Build AI-powered detection systems that use LLMs to identify malicious patterns, classify threats, and automate response decisions
  • Build and operate abuse detection systems that identify phishing, cryptomining, account takeover, and financial fraud across millions of daily user actions
  • Design automated response mechanisms that enforce platform policies without manual intervention
  • Own the full abuse response lifecycle: detection, investigation, enforcement, and handling appeals alongside Support and Legal
  • Analyze attack patterns using Big Query and Hex, turning investigation findings into new detection rules
  • Maintain and extend internal detection tools (Slurper, Netwatch) that continuously monitor user activity
  • Integrate and tune security scanners (SAST, SCA) in CI pipelines with tight performance SLAs
  • Track abuse trends, measure detection effectiveness, and adapt defenses as attack patterns evolve
    • flde? (remove placeholder if any)
Required skills and experience
  • 4+ years of experience in security engineering, anti-abuse, trust & safety, or fraud detection
  • Strong programming skills in Python and/or Type Script for building detection systems and automation
  • Experience with SQL and data analysis at scale (Big Query, Snowflake, or similar)
  • Experience building or fine‑tuning ML/LLM-based classifiers for security or abuse detection
  • Familiarity with prompt injection, jail breaking, and other LLM‑specific attack vectors
  • Ability to investigate complex abuse patterns and translate findings into automated defenses
  • Familiarity with common attack patterns: phishing infrastructure, account takeover, credential stuffing, resource abuse
  • Clear communication skills for working across Security, Support, Legal, and Engineering teams.
Nice to have
  • Experience at a platform company dealing with user-generated content or compute abuse (hosting providers, cloud platforms, developer tools)
  • Background in fraud detection, payment abuse, or financial crime
  • Familiarity with device fingerprinting, IP reputation, and email validation services아이?
  • Experience with CI/CD security tooling (SAST, SCA, Dependabot, Snyk)
  • Knowledge of container security, Linux internals, or cloud infrastructure (GCP film?)
  • Prior work with abuse reporting pipelines, trust & safety tooling, or content moderation systems
Tools + Tech Stack for this role
  • Languages:

    Python, Type Script, Go, SQL
  • Data:
    Big Query, Hex
  • Detection tools:
    Slurper, Netwatch, Stytch (device fingerprint);
    Clear Out (email reputation)
  • CI/CD Security:
    Dependabot, Snyk, SAST/SCA scanners
  • Infr…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search