Jump to Main ContentJump to Primary Navigation

Who We Are

Work with us

News

globeIcon
burgerNav
burgerNavClose
Who We AreWork with usNews
Information Security Group

Security Engineer (Contract)

Shanghai, China

Job Id: 5883

Riot Games is seeking a dedicated and detail-oriented Security Engineer to join the Riot Information Security team. In this role, you will be responsible for managing the security posture of our third-party vendors and partners, ensuring that they meet Riot’s security standards and industry best practices. As vendor ecosystems grow more complex and critical to business operations, this position plays a key role in protecting the confidentiality, integrity, and availability of Riot’s data and services. You will have a meaningful role on the InfoSec team and the opportunity to develop professionally in a collaborative environment.

Responsibilities:

  • Conduct daily security assessments of new and existing vendors.
  • Collaborate with Procurement, Legal, and business stakeholders to ensure security is integrated throughout the vendor lifecycle.
  • Maintain and enforce vendor certification assessment (VCA) processes, including documentation, reviews, and follow-ups.
  • Conduct risk analyses based on vendor-provided documentation (e.g., certifications, security policies).
  • Track remediation efforts and ensure vendors address identified security gaps in a timely manner.
  • Support on other security initiatives and daily works.

Required Qualifications:

  • Bachelor’s degree in Information Security, Computer Science, Risk Management, or a related field (or equivalent experience).
  • 2+ years of experience in vendor risk management, third-party security, or a related security role.
  • Familiarity with common security frameworks and standards such as ISO 27001, MLPS, CSL, etc.
  • Understanding of information security principles, especially in the context of third-party risk.
  • Excellent communication and interpersonal skills, with the ability to work cross-functionally.
  • Detail-oriented, self-driven, and comfortable managing multiple priorities.
  • Proficient reading and writing skills in English.

Desired Qualifications:

  • Experience working in the gaming industry or technology sector.
  • Professional certifications such as CISSP, CISA are a plus.
  • Experience using vendor risk management platforms or GRC tools.