Principal Security Operations Engineer
Job Id: REQ-0002959
Riot Security Engineers and Analysts hold an in-depth knowledge of specific areas of expertise. We don't just focus on breaking things; we support teams across Riot to develop security capabilities which help protect player experiences. We relish the opportunity to work with new tech stacks and product teams, each with their own security risk profile and complex challenges.
At the most fundamental level, our goal is to help achieve value to players and make life harder for troublemakers.
As a Principal Security Operations Engineer, reporting to the head of Security Operations, you will regularly monitor and analyze security efforts across Riot and for our players. You will quickly detect, analyze, and respond to various threat actors across the globe and be a primary point of contact for security leadership during incidents. Thinking critically about security threats and developing tools (e.g. automating security processes) is necessary to ensure the safety of Riot's platforms and the players using them. From working closely with local and federal law enforcement agencies around security incidents to defending against the next DDoS, you would help protect Riot and our players.
- Build and lead projects that contribute towards Information Security's long-term goals
- Lead a highly technical team in one or more of the following areas: Incident Response, Engineering, or Forensics.
- Maintain and nurture security intelligence connections and using this information to protect Riot and our Players.
- Build and improve security strategies for complex systems, identifying security vulnerabilities
- Partner with product teams and security leadership throughout the incident investigation cycle
- Improve Riot's security posture by ensuring remediation, eradication and lessons learned are rolled back into day to day operations
- Be a point of contact for security leadership and lead responder for security incidents across the company
- Reviewing and tracking detected events to identify new exploits, threats and mitigation strategies, and enforce incident reporting standards
- Mentor junior engineers and help level-up their understanding of Information Security
- Develop relationships with engineering teams to understand their security needs
- Recruit and interview high-quality engineers and continue to attract qualified candidates to Riot's Information Security team
- Champion Security programs to senior management, product leads and engineers.
- Develop and track metrics to ensure Riot's goals and the team's goals are met and improved upon.
- Experience working with cloud infrastructure and services such as AWS, Azure, Google Cloud, SoftLayer or Private Clouds
- 7+ years of experience in intrusion detection and incident response
- 5+ years of computer network defense (identify, protect, detect, respond, and recover) experience within a Computer Incident Response organization.
- Experience with the life cycle of network threats, attack vectors, and methods of exploitation and common tactics, techniques, and procedures of advanced attackers.
- 5+ years of experience working with logging & data analysis infrastructure (e.g. ELK, Splunk etc.)
- Experience with container security and automation such as docker, kubernetes, terraform and ansible
- Experience working with forensics (networking, memory, disk)
- Experienced incident response commander
- Industry certifications (GCFE, GCFA, GNFA, GCIH, EnCE, or CISSP) a plus
For this role, you'll find success through craft expertise, a collaborative spirit, and choices that focus on your fellow Rioters, who are the customers of your work. Being a dedicated fan of games is not necessary for this position!
Riot has a focus on work/life balance, shown by our open paid time off policy, in addition to other perks such as flexible work schedules. We offer medical, dental, and life insurance, parental leave for you, your spouse/domestic partner and children, and a 401k with company match. Check out our benefits pages for more information.