Roblox is ushering in the next generation of entertainment, allowing people to imagine, create, and play together in immersive, user-generated worlds. We’re the one and only fastest-growing entertainment platform that lets anyone teach themselves how to code, publish, and monetize any experience imaginable—across any device—reaching millions of players across the globe.
The impact that you can have at Roblox is powerful. We’re looking for someone who’s eager to take on a meaningful role in the success of Roblox on a massive scale. Someone who takes play seriously and strives for joy in their work. Someone who’s ready to take Roblox—and their career—to the next level.
In 2018, we were honored to be recognized as a Certified Great Place to Work®. We’ve fostered a company culture that empowers people to do the most defining work of their career in an environment where you’ll join forces with the most passionate, team-oriented, visionary, crazy-smart people you’ll ever meet. At Roblox, play rules and the possibilities are endless.
Infosec has critical responsibilities at Roblox: Engineering and designing secure systems from inception to operationalization; setting policies and process; training peer engineering teams in secure methods and ways. The Security Infrastructure engineer will have a core role in setting policy configs, network security architecture guidelines, and defense strategies. This engineer will also have scope to work in greater breadth across security areas - possibly including penetration testing, programming/scripting automation solutions, and/or ML for anomaly detection. Finally, the Security Infrastructure engineering function will have major responsibilities in creating solutions for InfoSec program domains — partnering with our peer teams on requirements and driving build-or-buy decisions.
As an early InfoSec Engineer, you will have the opportunity to be an innovator and foundational member on the InfoSec team at Roblox. We are looking for smart people who work well with others and who want to apply their passion for protecting communities to grow a leading-edge security program. Come join us in building the best trusted all-ages gaming and exchange platform.
- Modern firewall management - layer 7 and SDN, i.e. Palo Alto Networks. Juniper and F5 experience.
- Threat modeling from infrastructure and network perspective.
- Involvement in penetration test and Red Team exercise scoping.
- Defense strategies for network security - including DDOS mitigation, network configuration, change reviews, software and vendor evaluation.
- Building monitoring, detection, and alerting systems
- Creating and operating security tooling and scripting
- Contribute and communicate practical risk analysis for prioritization, both for roadmap and emergent issues
- Partnering cross-functionally, able to translate issues across different domains and specialities
- Security Education and Training - preparation of materials and communication through diverse parts of the org. Contribution to security awareness programming
- BA/BS degree in a relevant engineering field or equivalent practical experience
- Self-organized and comfortable working in a fast-paced environment
- Deep understanding of TCP/IP networking and routing protocols
- Experience in DDOS mitigation strategy
- Understanding of network and application defense tools, including iptables, WAF, RASP
- Breadth in security infrastructure management and tools
- Experience supporting security best practices within a large scale Internet environment
- Experience with network and server hardware, especially SDN
- Experience with various operating systems security - Linux, OSX, Windows, *nix systems and shells, daemons, and processes
- Experience with one or more scripting/programming languages, one scripting language like Python, shell, or Lua, or PowerShell
- Level depending on experience-
Nice To Have
- Experience with AWS security (IAM, EC2, VPC, S3, etc..) and cloud best practices
- Experience with some security and compliance standards, especially in ISO27001, PCI, and/or ITGC
- Familiarity with security controls for privacy regulation (GDPR, CCPA) and COPPA
- Relevant certifications, i.e. CISSP, CEH, GSEC, GIAC, CISM, Stanford Advanced Security Certificate Program, SANS, PAN, Juniper, or Cisco network certifications etc.
- Excellent medical, dental, and vision coverage
- A rewarding 401k program
- Flexible vacation policy
- Free catered lunches five times a week and several fully stocked kitchens with unlimited snacks
- Onsite fitness center and fitness program credit
- Annual CalTrain Go Pass
- A Roblox Admin badge for your avatar
Roblox – Powering Imagination.