Application Security Engineer

Riot Games   •  

Los Angeles, CA

Industry: Hospitality & Recreation

  •  

Not Specified years

Posted 36 days ago

Riot Security Engineers and Analysts hold an in-depth knowledge of specific areas of expertise. We don't just focus on breaking things; we aggressively support teams across Riot to develop robust security capabilities which help protect player experiences. We relish the opportunity to work with new tech stacks and product teams, each with their own particular securityrisk profile and complex challenges.

At the most fundamental level, our goal is to help deliver value to players and make life harder for troublemakers.

As an Application Security Engineer, you will work closely with product teams globally to help build fun, safe and secure experiences for players. You will identify application security gaps and own projects to address them. Your deep knowledge of both the technical detail and player impact of security vulnerabilities will help you communicate potential issues to Rioters and improve the security of the player experience.

Responsibilities:

  • Build projects that contribute towards Application Security’s long-term goals
  • Mentor junior engineers and help level-up their deep understanding of Application Security
  • Define security test strategies for complex systems, identifying security vulnerabilities
  • Develop powerful security tools
  • Build secure automation systems
  • Educate and integrate security in a non-blocking way throughout the development cycle
  • Develop relationships with engineering teams to understand their application security needs
  • Evangelize application security and secure coding practices throughout Riot engineering
  • Help level up our bug bounty program and provide researchers with an elite bug bounty experience
  • Review code and hunt for security vulnerabilities before we release products to players
  • Champion Application Security initiatives to product leads and engineers

Applicable Technologies:

  • C#, JavaScript, Python or equivalent programming experience
  • Burp Suite
  • OWASP ZAP
  • Static analysis tools
  • System automation