Product Security Engineer
Riot Security Engineers and Analysts hold an in-depth knowledge of specific areas of expertise. We don't just focus on breaking things; we support teams across Riot to develop robust security capabilities which help protect player experiences. We relish the opportunity to work with new tech stacks and product teams, each with their own particular security risk profile and complex challenges.
At the most fundamental level, our goal is to help deliver value to players and make life harder for troublemakers.
As a Product Security Engineer, you will work closely with product teams globally to help build fun, safe and secure experiences for players. You will identify product security gaps and own projects to address them. Your deep knowledge of both the technical detail and player impact of security vulnerabilities will help you communicate potential issues to Rioters and improve the security of the player experience.
You will report to the Manager of Security Engineering and be based in the Dublin office.
Responsibilities:
- Build projects that contribute towards Product Security’s long-term goals
- Define security test strategies for complex systems, identifying security vulnerabilities
- Develop powerful security tools and automation systems
- Educate and integrate security in a non-blocking way throughout the development cycle
- Help level up our bug bounty program and provide researchers with an elite bug bounty experience
- Review code and hunt for security vulnerabilities before we release products to players
- Champion Product Security initiatives to engineers
- You may (circumstances allowing) visit our approximately twice a year for around three to four weeks in total
Required Qualifications:
- 2 years of experience in an application/product/cloud security role
- Programming experience in C#, C++, Java, JavaScript, Golang or Python
- You have experience securing infrastructure in AWS, GCP or other clouds (Azure, Softlayer or private clouds)
- Experience using web application security testing tools such as Burp Suite and OWASP ZAP
- As comfortable communicating in distributed teams as with people sitting right next to you
Desired Qualifications:
- Experience implementing, tuning and helping software teams understand the output from static analysis tools
- You’ve built systems in the cloud and kept and online production environment secure and stable
- Codifying and deploying infrastructure with Terraform / Terragrunt
- Experience with Container Security
- Security testing of infrastructure and driving the resolution of issues found
For this role, you'll find success through craft expertise, a collaborative spirit, and choices that focus on your fellow Rioters, who are the customers of your work. Being a dedicated fan of games is not necessary for this position!
Our Perks:
- Open paid time off
- Retirement benefits with company matching
- Medical and dental plans that cover you, your spouse/domestic partner, and children
- Life insurance, short-term and long-term disability
- Family Bonding leave
- Commuting allowance
- Flexible benefits allowance
- Vision allowance
- Daily lunch, snacks and fruit in the office
- We will double down on your donations of time and money to nonprofits
Let's Thrive Together:
Because together we are better
We know that fresh and varied perspectives will make us better at what we do, so however you identify and whatever background you bring with you, we're excited to hear from you. Don't be discouraged if you feel you don't fully meet every single one of the requirements for a particular role, there's always room for growth at Riot. If you spot a role that will make you want to jump out of bed in the morning, we are waiting to hear from you! Don't forget to include a resume. We receive many applications, but we'll notice a fun, well-written intro that shows us you Dare to Dream and Execute with Excellence.