Senior Security Engineer - Application Security, DevSecOps
Los Angeles, USA
Applications have closed
Riot Games, Inc.
Riot Games. Developer of League of Legends, VALORANT, Teamfight Tactics, Legends of Runeterra, and Wild Rift. Creators of Arcane. Home of LOL and VALORANT Esports.Riot Security Engineers and Analysts hold an in-depth knowledge of specific areas of expertise. We don't just focus on breaking things; we proactively support teams across Riot to develop robust security capabilities which help protect player experiences. We relish the opportunity to work with new tech stacks and product teams, each with their own unique security risk profile. At the most fundamental level, their goal is to help deliver value to players and make life harder for troublemakers.
Our team safeguards our player-impacting products, services, data, and infrastructure. Platform Security supports both cloud and bare-metal infrastructures by developing tools and providing guidance to engineers. We develop tools in Go, Python, and other languages that help Riot secure the platforms we use to deliver games to players.
Responsibilities:
- Work on a diverse, cross-functional team that is protecting players and Rioters alike, socializing security within Riot and driving a secure player experience in League of Legends and future games
- Develop and automate powerful security tools and services that help engineers ship fun and secure experiences to our players
- Work with product and infrastructure teams throughout their development cycle, integrating security in an non-blocking way and educating along the way
- As a support champion for Riot engineers you will develop relationships with engineering teams to understand their infrastructure security needs
- Help develop and enforce security policies and standards to make it easier for Rioters to build security into their work
- Stay aware of new security threats, quickly discern their nefarious implications, and suggest solutions to quash emergent issues or fortify against future problems.
- Work across a variety of different teams to shore up security on every beachhead, assess application vulnerability, and conduct security reviews.
Required Qualifications:
- 3-5 years of experience in an infrastructure/product security role
- You’ve built systems in the cloud and kept an online production environment secure and stable
- You can code in Python, Javascript, Go or a similar language
- You have experience building and securing infrastructure in AWS, GCP or other clouds (Azure, Softlayer, or private clouds)
- Experience automating and managing infrastructure management with Terraform, Ansible, and/or other Infrastructure as Code/Configuration Management technologies
- Experience with Secure DevOps or DevOps practices. Familiarity with testing for every release and frequent deployments of services and automation
- You have experience with networking fundamentals and best practices
- Comfortable communicating in distributed teams as well with people sitting right next to you
Desired Qualifications:
- Secure the Cloud: You've built systems in the cloud and kept an online production environment secure and stable. You have experience securing infrastructure in AWS, GCP or other clouds (Azure, Softlayer or Private Clouds) and you're comfortable with Linux and networking.
- Automation: You've made infrastructure hum with Ansible or similar tools and can script in Python, Javascript, Go or something similar. You've similarly deployed, and supported applications across various tech stacks and multiple regions; familiar with core concepts of object-oriented, functional, and other programming paradigms and have used one or more modern source control management tools.
- Adaptable: You're able to rapidly change direction when priorities shift, stay focused on the most relevant issues and can evolve and shift to meet them as needed.
For this role, you'll find success through craft expertise, a collaborative spirit, and choices that focus on your fellow Rioters, who are the customers of your work. Being a dedicated fan of games is not necessary for this position!
Our Perks:
Riot has a focus on work/life balance, shown by our open paid time off policy, in addition to other perks such as flexible work schedules. We offer medical, dental, and life insurance, parental leave for you, your spouse/domestic partner and children, and a 401k with company match. Check out our benefits pages for more information.
Riot Games fosters a player and workplace experience that values teamwork embodied by the Summoner's Code and Community Code. Our culture embraces differences as a strength, and our values are the guiding principles for how we approach work. We are committed to putting diversity and inclusion (D&I) at the center of everything we do, and promoting a fair and collaborative culture where Rioters treat one another with dignity and respect. We encourage you to read more about our value of thriving together and our ongoing work to build the most inclusive company in Gaming.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Ansible Application security Automation AWS Azure Cloud DevOps DevSecOps GCP JavaScript Linux Product security Python Terraform
Perks/benefits: 401(k) matching Flex vacation Health care Medical leave Parental leave
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.