Security Architecture Lead

Replit is the agentic software creation platform that enables anyone to build applications using natural language. With millions of users worldwide and over 500,000 business users, Replit is democratizing software development by removing traditional barriers to application creation.About the RoleWe are looking for a Security Architecture Lead to serve as the primary technical authority for Replit’s security blueprint. In this Technical Lead capacity, you will steer the architectural direction for a team of security architects and engineers, ensuring our platform is resilient and secure by design. You will be a "player-coach"—leading high-impact technical initiatives while providing deep subject matter expertise to both the engineering organization and executive leadership.What You'll DoTechnical Leadership & MentorshipArchitectural North Star: Act as the lead technical voice for security architecture, defining the long-term vision and ensuring consistency across complex infrastructure and product projects.Technical Mentorship: Provide high-level guidance and mentorship to security engineers, fostering a culture of technical excellence and rigorous security design without the overhead of administrative management.Project Steering: Lead cross-functional squads through complex security implementations, from initial design to final production deployment.Architecture Strategy & Risk ManagementMaintain the Source of Truth: Define and maintain (document) the authoritative "Source of Truth" for Replit’s secure architecture, ensuring these patterns are consistently adopted across all engineering teams.Secure Bootstrapping & Isolation: Drive the design for secure bootstrapping and multi-layered trust. Enforce isolation principles at every level—from technical containerization and network segmentation to business logic and multi-tenant resource separation.Contribution to Risk Register: Actively identify, document, and quantify architectural security risks. You will be responsible for ensuring these are accurately reflected in the Cybersecurity Risk Register, translating technical debt into actionable risk profiles for executive stakeholders.Security Design & ReviewDeep-Dive Reviews: Oversee and conduct deep-dive security reviews for core product features and infrastructure, identifying potential threats and mitigating risks early in the development lifecycle.Availability & Resilience: Own the architectural strategy for Availability, specifically defending against DoS threats to ensure a highly resilient platform.Cross-Functional EnablementCompliance & Documentation: Partner with GRC teams to translate complex architectural designs into clear, audit-ready documentation and control frameworks. Evaluate required controls against architecture and assess readiness for future compliance certifications.GTM & Sales Support: Act as the technical bridge for the Sales team, addressing complex security inquiries from enterprise customers regarding Replit's architectural integrity.Required Skills & Experience8+ years of experience in security engineering or security architecture.Proven experience as a Technical Lead, steering large-scale projects and guiding the work of other senior engineers.Experience writing and maintaining Architecture documents.Deep expertise in cloud-native security architecture (GCP experience is a significant plus) for multi-tenant SaaS products.Experience designing secure boot, hardware/Cloud-KMS-rooted trust, and multi-layered defense systems.Strong understanding of isolation technologies and DDoS mitigation.Exceptional ability to communicate technical risk to both engineering and executive audiences.Strong track record of contributing to Cybersecurity Risk Register.What We ValueSystems Thinking: The ability to see the "big picture" and understand how security decisions impact the entire stack.Technical Influence: The ability to drive technical alignment across the organization through expertise and collaboration rather th ... (truncated, view full listing at source)