Security Engineer - Vuln Management (Code)

Replit is the agentic software creation platform that enables anyone to build applications using natural language. With millions of users worldwide, Replit is democratizing software development by removing traditional barriers to application creation. ABOUT THE ROLE We are seeking a mid-level AppSec Vulnerability Management Engineer with a strong software development background. In this role, you will bridge the gap between security, compliance, and engineering teams. You will identify application vulnerabilities, maintain software supply chain security, and drive tracking to satisfy strict regulatory compliance frameworks. You will also serve as a technical responder during security incidents, deploying real-time countermeasures to protect our software ecosystem. WHAT YOU'LL DO CORE RESPONSIBILITIES - Vulnerability Scanning & Triage: Perform periodic application security scanning activities. Review results and prioritize flaws based on CVSS scores, real-world exploitability, and system exposure. - Compliance-Driven Tracking: Track, document, and manage vulnerabilities according to strict compliance SLAs (e.g., SOC 2, ISO 27001, PCI-DSS). Maintain audit-ready evidence of remediation timelines and exception approvals. - Executive Reporting & Alerting: Escalate and report critical exposures directly to the CISO and senior leadership. Maintain dashboards and alerting mechanisms th