Description
We are looking for a Product Security Architect to serve as the subject matter expert for Replit's secure product blueprint. In this critical role, you will define and implement the application security architecture for our multi-tenant SaaS platform, ensuring our platform is resilient and secure by design.
As a Product Security Architect, you will be a key technical contributor,leading high-impact security initiatives and providing deep subject matter expertise to both the engineering organization and executive leadership.
Your responsibilities will include:
- Defining the product security vision, ensuring consistency across complex application architecture projects
- Leading the security implementation of new product features from initial design to final production deployment
- Conducting proactive threat modeling for new product features and major architectural changes
- Defining and enforcing best practices around application security, including audit/application logging, configuration, tenant separation, encryption, customer BYOK, RBAC design, API design, and Session/cookie/token management
- Defining and implementing secure Authentication/Authorization protocols (mTLS/OIDC/OAuth/SAML) for multi-tenant SaaS products
- Assessing and mitigating risks associated with application third-party integrations such as payment, AI models, code repositories, etc.
The ideal candidate will have 8+ years of experience in product security engineering or architecture, specifically with Multi-tenant SaaS products. They will also have experience with AI Agent-based Saas products, deep expertise in common product security practices, and exceptional ability to communicate technical risk to both engineering and executive audiences.
In addition to technical skills, the successful candidate will have a strong track record of contributing to Cybersecurity Risk Register and will be comfortable leading major technical initiatives and driving outcomes with minimal oversight.