${ alert.message }}
${ alert.message }}
User Profile
We need some information before you can continue.
Share Job
Copy the link below to share this job.
Roblox

InfoSec - Security Software Engineer

${ timestamp }} · 
Roblox
๐Ÿ‡บ๐Ÿ‡ธ San Mateo, CA

Every day, tens of millions of people from around the world come to Roblox to play, learn, work, and socialize in immersive digital experiences created by the community.

Our vision is to build a platform that enables shared experiences among billions of users. This is whatโ€™s known as the metaverse: a persistent space where anyone can do just about anything they can imagine, from anywhere in the world and on any device. The breadth of opportunities, and the evolving demands of this first-of-its-kind platform, ensure that your avenues for growth are always expanding and flexible.

Join us and youโ€™ll usher in a new category of human interaction while solving exceptional challenges that you wonโ€™t find anywhere else.

InfoSec has critical responsibilities at Roblox: Engineering and designing secure systems from inception to operationalization; establishing policies and processes that will be followed; training peer engineering teams in secure methods; making security risks visible and actionable company-wide. The Security Software Engineer role will have a critical job in driving consistency and excellence in our automation. Youโ€™ll work closely with InfoSec leads and partner teams on identifying automation opportunities and actioning them. You will innovate the way we secure our infrastructure by designing, operating and building new security controls, or extending existing ones. Finally, youโ€™ll have an opportunity to learn and mentor with experts across a wide range of InfoSec sub-disciplines, such as public key infrastructure, incident response, threats and vulnerability management, DevSecOps tooling, threat modeling, and bug hunting.

As an early InfoSec Engineer, you will have the opportunity to be an innovator and foundational member on the InfoSec team at Roblox. We are looking for smart people who work well with others who want to apply their passion for protecting communities to grow a leading-edge security program. Come join us in building the best trusted all-ages gaming and exchange platform.

Responsibilities

  • Design, build and maintain highly available robust and reliable security services for the Roblox infrastructure (TVM, IR, PKI, D&R, key management)
  • Contribute and communicate practical risk analysis for prioritization
  • Evaluate commercial tools and vendors
  • Security education and training - preparation of materials and communication through diverse parts of the org. Contribution to security awareness programming
  • InfoSec on-call rotation
  • Mentoring junior members of the team

Requirements

  • Self-organized and comfortable working in a fast-paced environment
  • BA/BS degree in a relevant engineering field or equivalent practical experience
  • Experience with software engineering best practices
  • Experience with building and maintaining distributed systems at scale
  • Proficient with at least one object oriented programming language (Java, Python, Go C++, C# .NET)
  • Experience with at least one scripting language (Bash, Lua, Python)
  • Experience working as a service owner in a DevOps or DevSecOps environment
  • Understanding of networking protocols and technologies and experience on debugging and troubleshooting them
  • Experience with Linux, Windows and/or other *nix systems
  • Level depending on experience

Nice To Have

  • Experience supporting security best practices within a large scale Internet environment
  • Knowledge of cryptography, PKI, TLS as well as practical implementation of the same
  • Experience with vulnerability and threat impact analysis
  • Experience with AWS security (IAM, EC2, VPC, S3, etc..) and cloud technologies best practices
  • Experience with containers (Docker, Windows Server), and specifically container security
  • Experience with Kubernetes/Nomad
  • Experience working with one major logging tool, like ELK or Splunk
  • Relevant certifications, i.e. CISSP, CEH, GSEC, GIAC, CISM, Stanford Advanced Security Certificate Program, OWASP, CSSLP, etc.
  • Exposure to vulnerability risk framework, at least one major one like FIRST, or OWASP, or NIST NVD

You'll Love:

  • Excellent medical, dental, and vision coverage
  • A rewarding 401k program
  • Flexible vacation policy
  • Free catered lunches five times a week and several fully stocked kitchens with unlimited snacks
  • Onsite fitness center and fitness program credit
  • Annual CalTrain Go Pass
  • A Roblox Admin badge for your avatar