Senior Cybersecurity Incident Responder
Job Id: REQ-0006980
Continuously delivering content to a global audience of millions of players while also building new games affords Riot's InfoSec discipline with a mountain of exciting and complex challenges. And of course, the attention of very interesting adversary groups.
That's where you come in. Riot Security Operations Engineers hold an in-depth knowledge of specific areas of expertise. We don't just focus on breaking things; we proactively support teams across Riot to develop robust security capabilities which help protect player experiences. We relish the opportunity to work with new tech stacks and product teams, each with their own unique security risk profile.
At the most fundamental level, their goal is to help deliver value to players and make life harder for troublemakers.
Our Security Operations team is responsible for regularly monitoring and analyzing Riot’s security efforts across the organization and for our players. Its mission is to quickly detect, analyze, and respond to various threat actors from across the globe. The ability to not only think critically when it comes to security threats, but technically by developing tools (e.g. automating security processes) is vital to their success. From working closely with local and federal law enforcement agencies around security incidents to defending against the next DDoS, they are here to protect Riot and our players.
You will report to the Manager of Security Operations and be based in the Dublin office.
- Lead, mentor, and develop engineers who are part of our global Security team
- Probe, research, and analyze security risks that directly impact players
- Triage and investigate security events
- Help identify new exploits, threats and mitigations for detection engineering
- Contribute to and drive Riot’s global Security Operations roadmap
- Work with product teams throughout the incident investigation cycle to ensure proper remediation, eradication, and lessons learned are rolled back into day to day operations.
- Part of European team acting as the escalation point for all security events and investigations
- You will be expected to do a small amount of travel as part of a global team
- 3-5 years experience in Cybersecurity operations, threat hunting, incident response and digital forensics
- Experience as an engineer assisting in incident response efforts. This should include hands on experience completing malware analysis, memory analysis and disk forensic
- 2+ years of computer network defense (identify, protect, detect, respond, recover) experience within a Computer Incident Response organization
- Understanding of the life cycle of network threats, attack vectors, and methods of exploitation and common tactics, techniques, and procedures of advanced attackers
- Experience needed in automating common tasks using a scripting language (Python, PowerShell, Go or similar)
- Demonstrated understanding of IT and security related technologies and practices including endpoint incident detection and response, firewalls, secure remote access, authentication, networking and operating systems
- As comfortable communicating in distributed teams as with people sitting right next to you
- Experience working with cloud infrastructure and services such as AWS, Azure, Google Cloud, SoftLayer or Private Clouds
- Experience working with security tooling and logging technology (e.g. ELK, Splunk, SentinelOne, Defender ATP, Carbon Black, etc.)
- Knowledge of container security and automation such as docker, kubernetes, terraform and ansible
- Industry certifications (GCFE, GCFA, GNFA, GCIH, EnCE, CISSP) a plus, but not required
For this role, you'll find success through craft expertise, a collaborative spirit, and choices that focus on your fellow Rioters, who are the customers of your work. Being a dedicated fan of games is not necessary for this position!
- Open paid time off
- Retirement benefits with company matching
- Medical and dental plans that cover you, your spouse/domestic partner, and children
- Life insurance, short-term and long-term disability
- Family Bonding leave
- Commuting allowance
- Flexible benefits allowance
- Vision allowance
- Daily lunch, snacks and fruit in the office
- We will double down on your donations of time and money to nonprofits
Let's Thrive Together:
Because together we are better, we know that fresh and varied perspectives will make us better at what we do, so however you identify and whatever background you bring with you, we're excited to hear from you. Don't be discouraged if you feel you don't fully meet every single one of the requirements for a particular role, there's always room for growth at Riot. If you spot a role that will make you want to jump out of bed in the morning, we are waiting to hear from you! Don't forget to include a resume. We receive many applications, but we'll notice a fun, well-written intro that shows us you Dare to Dream and Execute with Excellence.