Systems Security Leader
Infosec has critical responsibilities at Roblox: Engineering and designing secure systems from inception to operationalization; setting policies and process; training peer engineering teams in secure methods and ways. The Systems Security Lead will have a critical role in leading and mentoring the Systems Security function in Roblox Security. Prototyping secure DevOps pipelines, deployment configurations and images. Managing network vulnerability management, threat/intel tooling, and security incident response. This position will also be a key contributor in improving our compliance reporting and posture for PCI and privacy, demonstrating efficient reporting and self-healing automation via security- and privacy-by-design. Finally, the Security Infrastructure engineering function will have major responsibilities in creating solutions for InfoSec program domains — partnering with our peer teams on requirements and driving build-or-buy decisions.
The Systems Security Lead should also have excellent collaboration and communication skills. The Security teams partner closely with each other, and also must engage technical partners all across the org and at all levels to achieve good solutions among competing demands. This requires subject matter depth, business maturity and acumen, and ability to relate to other departments’ needs.
As an early InfoSec Engineer, you will have the opportunity to be an innovator and foundational member on the InfoSec team at Roblox. We are looking for smart people who work well with others who want to apply their passion for protecting communities to grow a leading-edge security program. Come join us in building the best trusted all-ages gaming and exchange platform.
- Manage and mentor the Systems Security group
- Network Security guidance
- Leading Security IR - tuning security monitoring
- Vulnerability management - network services
- Threat/Intel tooling
- Contribute and communicate practical risk analysis for prioritizations, both for roadmap and emergent issues.
- Security Education and Training - preparation of materials and communication through diverse parts of the org. Contribution to security awareness programming.
- Metrics development
- Security program development
- BA/BS degree in a relevant engineering field or equivalent practical experience
- Self-organized and comfortable working in a fast-paced environment.
- Experience supporting security best practices within a large scale Internet environment.
- Experience with network and server hardware, especially SDN.
- Experience with various operating systems security - Linux, OSX, Windows, *nix systems and shells, daemons, and processes
- Experience with AWS security (IAM, EC2, VPC, S3, etc..) and cloud best practices
- Experience with containers (Docker, Windows Server), and specifically container security
- Knowledge of cryptography, PKI, TLS as well as practical implementation of the same
- Experience with one or more scripting/programming languages. Proficiency in at least one scripting language like Python, shell, or Lua.
- Experience with some compliance reporting, esp. In PCI and/or ITGC.
- Level Depending On Experience
Nice To Have
- Experience with Hashistack
- Experience with Kubernetes
- Programming and/or scripting proficiency
- Familiarity with Privacy (GDPR, CA AB-375) and COPPA
- Relevant certifications, i.e. CISSP, CEH, GSEC, GIAC, CISM, Stanford Advanced Security Certificate Program, OWASP, CSSLP, etc.
Roblox is ushering in the next generation of entertainment, allowing people to imagine, create, and play together in immersive, user-generated worlds. We’re the one and only fastest-growing entertainment platform that lets anyone teach themselves how to code, publish, and monetize any experience imaginable—across any device—reaching millions of players across the globe.
The impact that you can have at Roblox is powerful. We’re looking for someone who’s eager to take on a meaningful role in the success of Roblox on a massive scale. Someone who takes play seriously and strives for joy in their work. Someone who’s ready to take Roblox—and their career—to the next level.
In 2018, we were honored to be recognized as a Certified Great Place to Work®. We’ve fostered a company culture that empowers people to do the most defining work of their career in an environment where you’ll join forces with the most passionate, team-oriented, visionary, crazy-smart people you’ll ever meet. At Roblox, play rules and the possibilities are endless.