Application Security Engineer

Santa Monica

Riot Games was established in 2006 by entrepreneurial gamers who believe that player-focused game development can result in great games. In 2009, Riot released its debut title League of Legends to critical and player acclaim. As the most played PC game in the world, over 67 million play every month. Players form the foundation of our community and it’s for them that we continue to evolve and improve the League of Legends experience.

We’re looking for humble but ambitious, razor-sharp professionals who can teach us a thing or two. We promise to return the favor. Like us, you take play seriously; you’re passionate about games. We embrace those who see things differently, aren’t afraid to experiment, and who have a healthy disregard for constraints.

That’s where you come in.

As Application Security Engineer, you’ll be Riot’s master security assassin, systematically targeting applications’ security structures to reveal where weaknesses lie. Run-of-the-mill security standards just don’t do it for you, and you’d rather safeguard applications with a custom-fit chassis instead of an assembly line solution. Your desk will be your workshop where you’ll tune up application security protocols, analyze and patch security holes, and suggest preventative maintenance routines. You’ll look forward and future-proof our app infrastructure to ward off threats and keep League of Legends safe and stable for players.

You are:

  • Experienced: you’ve spent at least five years building apps, scripts, and tools either at your desk, at a major software firm or in your garage; an engineering degree scores you extra points
  • Up to code: your familiarity with scripting (ActionScript, Lua, Python, Ruby) and web-based tech (JavaScript, CSS, HTML, Perl) helps you scope out security holes that appear in applications and suggest how to patch them up; you can sight-read code’s form and function to quickly understand its intentions and impact
  • A constructive demolitionist: you’ve got a passion for pinpointing and exposing security vulnerabilities to help developers build applications stronger and more secure 
  • Always evolving: your predator’s instinct to adapt and learn compels you to hunt for cutting-edge security solutions and add new programming languages to your repertoire
  • A security detective: you rely on your keen eye for the details to understand and investigate security threats , whether you’ve got all the details or you have to do a little digging, to determine the real security culprit
  • A communications savant: you can effectively communicate your knowledge and insight in any medium, be it email, instant message, or sneakernet
  • Player-focused: likely a gamer yourself, you understand how important security is to a healthy player experience; you’re an unsung hero, and if apps are secure, players will know that you’ve got their backs

You will:

  • Tear apart mission-critical programs and work with engineers to create security fixes and perform application autopsies to evaluate security snafus
  • Stay aware of new security threats, quickly discern their nefarious implications, and suggest solutions to quash emergent issues or fortify against future problems
  • Test the security strength of applications players depend on every day, such as The Tribunal, payment systems, and web apps
  • Work across a variety of different teams to shore up security on every beachhead, assess application vulnerability, and conduct security reviews
  • Take point on security audits and implement new security regimens to protect precious player and company data

To apply:

  • Click the button below and don’t forget to include a resume and cover letter. We receive a lot of applications, but we’ll notice a fun, well-written intro that shows us you take play seriously.