Senior Software Engineer, Fraud

Replit
Foster City, US
On-site

Who this role is best for

Geared toward senior security engineers comfortable with adversarial work who have hands-on experience applying AI to security problems in a production environment.

Best fit for

  • Senior engineers with a track record in adversarial security roles and AI applications.
    โ€” โ€œThis is adversarial work: attackers adapt constantlyโ€
  • Candidates who thrive on end-to-end ownership of abuse detection and response systems.
    โ€” โ€œYou'll own problems end-to-end, from identifying emerging abuse patternsโ€
  • Security professionals with experience in fraud detection and trust & safety platforms.
    โ€” โ€œ4+ years of experience in security engineering, anti-abuse, trust & safety, or fraud detectionโ€

Things to consider

  • Requires in-office presence three days a week in Foster City, CA.
    โ€” โ€œThe role has an in-office requirement of Monday, Wednesday, and Fridayโ€
  • Not suitable for those preferring isolated work over cross-functional collaboration.
    โ€” โ€œYou prefer working in isolation rather than partnering closely with Support, Legal, and cross-functional teamsโ€

How to stand out

  • Highlight specific instances where you've built ML/LLM-based classifiers for security.
    โ€” โ€œExperience building or fine-tuning ML/LLM-based classifiers for security or abuse detectionโ€
  • Demonstrate your ability to translate attack patterns into automated defenses.
    โ€” โ€œAbility to investigate complex abuse patterns and translate findings into automated defensesโ€
  • Showcase experience with BigQuery or similar tools for large-scale data analysis.
    โ€” โ€œExperience with SQL and data analysis at scale (BigQuery, Snowflake, or similar)โ€
Pace ยท Fast PacedCollaboration ยท HighAutonomy ยท MediumDecision Impact ยท CompanyLevel ยท Senior

Derived from job-description analysis by Serendipath's career intelligence engine.

What success looks like

  • design and implement llm guardrails
  • build ai-powered detection systems
  • operate abuse detection systems
  • investigate complex abuse patterns
  • track abuse trends
Typical background
4+ years of experience in security engineering, anti-abuse, trust & safety, or fraud detection

Skills & requirements

Required

PythonTypeScriptSQLMLLLMFraud DetectionSecurityAutomationData Analysis

Preferred

Platform Company ExperienceFraud DetectionPayment AbuseDevice FingerprintingEmail ValidationCi/cd Security

Stack & domain

PythonTypeScriptSQLBigQueryHexSlurperNetwatchSastScaCommunicationSecurityFraud Detection

About the role

Original posting from Replit via Ashby

Replit is the agentic software creation platform that enables anyone to build applications using natural language. With millions of users worldwide, Replit is democratizing software development by removing traditional barriers to application creation.

About the role

The Fraud team is the front line defending Replit's platform from exploitation. We detect and shut down phishing deployments, prevent cryptomining on free-tier infrastructure, stop LLM token farming, and keep bad actors from weaponizing the platform against our users. This is adversarial work: attackers adapt constantly, and we build the detection systems, heuristics, and automated responses that stay ahead of them.

What makes this role unique is the AI-native nature of Replit's platform. You'll work on problems that barely exist elsewhere: building guardrails for AI-generated code, detecting prompt injection attacks at scale, and using LLMs as a defensive tool against abuse. If you want hands-on experience applying AI to security problems, this is one of the few places you can do it in production with real attackers. You'll own problems end-to-end, from identifying emerging abuse patterns to shipping the systems that stop them at scale.

In this role you willโ€ฆ

  • Design and implement LLM guardrails that detect abuse scenarios in AI-generated code and agent interactions
  • Build AI-powered detection systems that use LLMs to identify malicious patterns, classify threats, and automate response decisions
  • Build and operate abuse detection systems that identify phishing, cryptomining, account takeover, and financial fraud across millions of daily user actions
  • Design automated response mechanisms that enforce platform policies without manual intervention
  • Own the full abuse response lifecycle: detection, investigation, enforcement, and handling appeals alongside Support and Legal
  • Analyze attack patterns using BigQuery and Hex, turning investigation findings into new detection rules
  • Maintain and extend internal detection tools (Slurper, Netwatch) that continuously monitor user activity
  • Integrate and tune security scanners (SAST, SCA) in CI pipelines with tight performance SLAs
  • Track abuse trends, measure detection effectiveness, and adapt defenses as attack patterns evolve

Required skills and experience:

  • 4+ years of experience in security engineering, anti-abuse, trust & safety, or fraud detection
  • Strong programming skills in Python and/or TypeScript for building detection systems and automation
  • Experience with SQL and data analysis at scale (BigQuery, Snowflake, or similar)
  • Experience building or fine-tuning ML/LLM-based classifiers for security or abuse detection
  • Familiarity with prompt injection, jailbreaking, and other LLM-specific attack vectors
  • Ability to investigate complex abuse patterns and translate findings into automated defenses
  • Familiarity with common attack patterns: phishing infrastructure, account takeover, credential stuffing, resource abuse
  • Clear communication skills for working across Security, Support, Legal, and Engineering teams.

Nice to have:

  • Experience at a platform company dealing with user-generated content or compute abuse (hosting providers, cloud platforms, developer tools)
  • Background in fraud detection, payment abuse, or financial crime
  • Familiarity with device fingerprinting, IP reputation, and email validation services
  • Experience with CI/CD security tooling (SAST, SCA, Dependabot, Snyk)
  • Knowledge of container security, Linux internals, or cloud infrastructure (GCP preferred)
  • Prior work with abuse reporting pipelines, trust & safety tooling, or content moderation systems

Tools + Tech Stack for this role

  • Languages: Python, TypeScript, Go, SQL
  • Data: BigQuery, Hex
  • Detection tools: Slurper, Netwatch, Stytch (device fingerprint); ClearOut (email reputation)
  • CI/CD Security: Dependabot, Snyk, SAST/SCA scanners
  • Infrastructure: GCP, Kubernetes
  • Collaboration: Linear, Slack, Zendesk (for abuse reports)

This role may not be a fit if

  • You prefer deep security research over building operational detection systems
  • You want to focus on vulnerability management, pentesting, or bug bounty triage (that's our Security team)
  • You're looking for a role with predictable, well-defined problems rather than constantly adapting to adversarial behavior
  • You prefer working in isolation rather than partnering closely with Support, Legal, and cross-functional teams
  • You're uncomfortable making enforcement decisions that affect real users

This is a full-time role that can be held from our Foster City, CA office. The role has an in-office requirement of Monday, Wednesday, and Friday.

Full-Time Employee Benefits Include:

๐Ÿ’ฐ Competitive Salary & Equity

๐Ÿ’น 401(k) Program with a 4% match (US Only)

โš•๏ธ Health, Dental, Vision and Life Insurance

๐Ÿฉผ Short Term and Long Term Disability

๐Ÿšผ Paid Parental, Medical, Caregiver Leave

๐Ÿ Flexible Time Off (FTO) + Holidays

๐Ÿš— Commuter Benefits (In-Office Only)

๐Ÿ“ฑ Monthly Wellness Stipend

๐Ÿง‘โ€๐Ÿ’ป Autonomous Work Environment

๐Ÿ–ฅ In Office Set-Up Reimbursement (In-Office Only)

๐Ÿš€ Quarterly Team Gatherings

โ˜• In Office Amenities (In-Office Only)

Want to learn more about what we are up to?

  • Meet the Replit Agent https://www.youtube.com/watch?v=IYiVPrxY8-Y
  • Replit: Make an app for that https://www.youtube.com/watch?v=4zd9hzngFwY
  • Replit Blog https://blog.replit.com/
  • Amjad TED Talk https://youtu.be/kCudFI4tcpg?si=l4ViCejV_f2RZkDi

Interviewing + Culture at Replit

  • Operating Principles https://blog.replit.com/operating-principles
  • Reasons not to work at Replit https://blog.replit.com/reasons-not-to-join-replit

To achieve our mission of making programming more accessible around the world, we need our team to be representative of the world. We welcome your unique perspective and experiences in shaping this product. We encourage people from all kinds of backgrounds to apply, including and especially candidates from underrepresented and non-traditional backgrounds.

Source: Replit careers (Ashby)

Similar roles