Cloud Security Lead

Replit is the agentic software creation platform that enables anyone to build applications using natural language. With millions of users worldwide, Replit is democratizing software development by removing traditional barriers to application creation.

Join us at the forefront of AI and cloud-native security as we work to secure one of the most innovative developer platforms in the world. As the Cloud Security Lead, you will shape the cloud and infrastructure security program that protects millions of developers, enables safe AI-assisted development, and ensures organizations can confidently bring our platform into enterprise environments.

In this role, you will own cloud security across GCP (primary) and supplemental environments in AWS and Azure, as well as containerized systems, SaaS platforms, and our multi-tenant AI infrastructure. You’ll improve our security posture through strong architecture, posture management, secure-by-default development practices, and close partnership with Engineering, Compliance, Security Architecture, and Platform teams.

This is a highly impactful, hands-on leadership role—perfect for someone who wants to solve complex security challenges at scale while influencing product, engineering, and go-to-market teams.

What You’ll Do:

Cloud Security Engineering

• Lead configuration hardening across GCP, with additional oversight of workloads and integrations running in AWS and Azure.

• Own and optimize CSPM platforms across multi-cloud environments—establishing configuration baselines, guardrails, and remediation workflows.

• Secure critical SaaS platforms, ensuring proper configurations, access controls, and engineering integrations.

• Lead infrastructure vulnerability management across multi-cloud systems, containers, registries, and platform services.

• Enhance security across containerized and Kubernetes (GKE/EKS/AKS) workloads, including runtime protections, network policies, and workload identity.

• Assess secure logging configurations across cloud/SaaS providers, ensuring audit logs, retention, and routing meet monitoring and architecture needs.
  
  

Secure Development & Architecture Enablement

• Partner with engineering teams to make services secure by default, embedding security into development workflows, CI/CD pipelines, and cloud-native deployments.
  
  

Cross-Functional Responsibilities

• Collaborate with Security Monitoring, Compliance/GRC, Architecture, DevOps, Platform Engineering, and ML Infrastructure.

• Participate in communicating security advisories, best practices, and updates to Replit’s customers.

• Support incident investigations as a cloud security subject-matter expert.

Required Skills & Experience:

• 7+ years of experience in cloud engineering, with 3+ years in a senior or lead role.

• Hands-on experience with CSPM tools (Wiz, Lacework, Prisma, Orca, SCC, etc.).

• Deep expertise in GCP security (IAM, VPC, KMS, GKE, Cloud Logging).

• Experience securing and governing SaaS platforms and identity integrations.

• Operational experience with infrastructure vulnerability management across cloud and container environments.

• Working knowledge of AWS and/or Azure security services and configurations.

• Experience with container and Kubernetes security across GKE, EKS, or AKS.

• Strong IaC security experience with Terraform, Pulumi, or similar tooling.

• Familiarity with compliance standards (SOC 2, ISO 27001, PCI DSS).