Principal Application Security Engineer

Posted 2 Days Ago
Be an Early Applicant
San Mateo, CA
351K-426K Annually
Senior level
Computer Vision • Gaming • Software • Virtual Reality • Web3 • Metaverse
Immersive gaming and creation platform
The Role
As a Principal Application Security Engineer at Roblox, you will enhance the InfoSec Product Security team by leading security initiatives, penetration testing, and threat modeling. You will collaborate with engineering to integrate security into development processes, mentor other engineers, and refine security protocols and standards to protect user data and systems.
Summary Generated by Built In

Every day, tens of millions of people come to Roblox to explore, create, play, learn, and connect with friends in 3D immersive digital experiences– all created by our global community of developers and creators. 

At Roblox, we’re building the tools and platform that empower our community to bring any experience that they can imagine to life. Our vision is to reimagine the way people come together, from anywhere in the world, and on any device. We’re on a mission to connect a billion people with optimism and civility, and looking for amazing talent to help us get there. 

A career at Roblox means you’ll be working to shape the future of human interaction, solving unique technical challenges at scale, and helping to create safer, more civil shared experiences for everyone.

As a Principal Application Security Engineer, you will play a pivotal role in shaping the growth of Information Security's (InfoSec) Product Security team, collaborating with engineering teams early in their processes to provide secure design solutions and establish security standards. Your responsibilities will include penetration testing, threat modeling, and code reviews. You will also participate in evaluation and integration of DevSecOps tools.

As a key member of the team, you will drive company-wide projects across diverse tech stacks, working with engineering leaders to remediate security challenges. You will define and evolve the technical vision for scaling application security practices across the organization.

You will:

  • Lead company-wide security initiatives to address critical security challenges.
  • Build and nurture cross-company relationships to achieve security objectives.
  • Provide guidance on product security processes and standards.
  • Define and expand partnerships with key engineering teams across Roblox.
  • Apply critical thinking and analytical skills to develop security protocols and communicate effectively with stakeholders.
  • Research and evaluate new technologies to enhance the company's security posture.
  • Identify potential threats and vulnerabilities in our systems and data, as well as help develop and implement solutions to safeguard them.
  • Enable cross-functional teams to implement security solutions aligned with Trust-by-Design principles.
  • Contribute to security education and awareness programs by preparing and delivering training materials across the company.
  • Shape strategies to automate and scale application and product security efforts.
  • Design and integrate security frameworks into CI/CD pipelines.
  • Test application code following the OWASP Testing Methodology.
  • Mentor and guide other security engineers!

You have:

  • 8+ years of professional experience in cybersecurity, with a deep background in application security, data encryption, and compliance with security standards, as well as knowledge of network and cloud security.
  • Expertise in explaining complex security challenges and solutions to both technical and non-technical leadership.
  • Proven ability to build strong relationships and influence principal engineers across teams.
  • Experience in software and infrastructure architecture with a focus on security.
  • Extensive experience with common code and network vulnerabilities, their impacts, and remediation strategies.
  • Background in writing code in at least one programming language, such as Python, Golang, or C#, and a scripting language like Bash or Python.
  • Applied knowledge of cryptography, PKI, TLS, and practical implementations.
  • Experience with threat modeling and Secure Software Development Life Cycles!
  • Experience operationalizing security best practices in large-scale internet environments.
  • Familiarity with network and server hardware, as well as Linux and Windows security.

You are:

  • A team-oriented, collaborative professional who enjoys working with others.
  • Passionate about security and knowledgeable about security principles, understanding their value to an organization.
  • Passionate about long-term solutions that drive lasting security improvements, prioritizing sustainable change over quick fixes.

For roles that are based at our headquarters in San Mateo, CA: The starting base pay for this position is as shown below. The actual base pay is dependent upon a variety of job-related factors such as professional background, training, work experience, location, business needs and market demand. Therefore, in some circumstances, the actual salary could fall outside of this expected range. This pay range is subject to change and may be modified in the future. All full-time employees are also eligible for equity compensation and for benefits.

Annual Salary Range

$351,130$425,990 USD

Roles that are based in our San Mateo, CA Headquarters are in-office Tuesday, Wednesday, and Thursday, with optional in-office on Monday and Friday (unless otherwise noted).

You’ll Love: 

  • Industry-leading compensation package
  • Excellent medical, dental, and vision coverage
  • A rewarding 401k program
  • Flexible vacation policy (varies by exemption status)
  • Roflex - Flexible and supportive work policy 
  • Roblox Admin badge for your avatar
  • At Roblox HQ: 
    • Free catered lunches five times a week and several fully stocked kitchens with unlimited snacks
    • Onsite fitness center and fitness program credit
    • Annual CalTrain Go Pass

Roblox provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Roblox also provides reasonable accommodations for all candidates during the interview process.

Top Skills

C#
Go
Python

What the Team is Saying

Claus
Ying
Denise
Andrea
The Company
HQ: San Mateo, CA
2,500 Employees
Hybrid Workplace
Year Founded: 2004

What We Do

Roblox is an immersive gaming and creation platform that offers people millions of ways to be together, inviting its community to explore, create and share endless unique experiences. Our vision is to reimagine the way people come together — in a world that's safe, civil, and optimistic. To achieve this vision, we are building an innovative company that, together with the Roblox community, has the ability to strengthen our social fabric and support economic growth for people around the world.

Why Work With Us

Every day, Roblox employees tackle complex questions and drive incredible innovation. Join us in building the future of human connection and communication.

Gallery

Gallery
Gallery
Gallery
Gallery

Roblox Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

We are requiring employees to be in the office three days a week – with core days being Tuesday, Wednesday, and Thursday. On Mondays and Fridays, employees may choose to work remotely, although the office will still be open.

Typical time on-site: 3 days a week
Company Office Image
HQSan Mateo, CA
IN
Learn more

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account