Riot Security Engineers and Analysts hold an in-depth knowledge of specific areas of expertise. We don't just focus on breaking things; we support teams across Riot to develop robust security capabilities which help protect player experiences. We relish the opportunity to work with new tech stacks and product teams, each with their own security risk profile and complex challenges.

As an Application Security Engineer, you will work with product teams globally to help build fun, safe and secure experiences for players. Reporting to the Senior Manager of Security Engineering, you will identify application security gaps and own projects to address them. Your deep knowledge of both the technical detail and player impact of security vulnerabilities will help you communicate potential issues to Rioters and improve the security of the player experience.

Responsibilities:

  • Build projects that contribute to Application Security’s long-term goals
  • Mentor junior engineers and help level-up their understanding of Application Security
  • Establish security test strategies for complex systems, identifying security vulnerabilities
  • Educate and integrate security in a non-blocking way throughout the development cycle
  • Develop relationships with engineering teams to understand their application security needs
  • Help level up our bug bounty program and provide researchers with an elite bug bounty experience
  • Champion Application Security programs to product leads and engineers
  • You may (circumstances allowing) visit our Los Angeles HQ approximately two to three times a year for around three to four weeks in total

Required Qualifications:

  • 3+ years of experience in an application/product security role
  • Programming experience in C#, C++, Java, JavaScript, Golang or Python
  • Experience using web application security testing tools such as Burp Suite and (OWASP) ZAP
  • Experience implementing and tuning, then helping software teams understand the output from static analysis tools

Desired Qualifications:

  • Knowledge of Semmle QL/GitHub Advanced Security for code analysis
  • Experience developing custom security automation tooling 
  • Experience with AWS security features and vulnerabilities 
  • Experience with Container Security

Our Perks:

  • Medical, dental, and vision plans that cover you, your spouse/domestic partner, and children
  • Open paid time off
  • Retirement benefits with company matching
  • Life insurance, parental leave, plus short-term and long-term disability
  • Flexible benefits allowance to help Rioters live their best lives
  • We will double down on your donations of time and money to non-profits

Let's Thrive Together:

Because together we are better.

It’s our policy to provide equal employment opportunity for all applicants and members of Riot Games. We know that fresh and varied perspectives will make us better at what we do, so however you identify and whatever background you bring with you, we’re excited to hear from you. Don’t be discouraged if you feel you don’t meet every one of the requirements for a role, there’s always room for growth at Riot. If you spot a role to make you want to jump out of bed in the morning, we are waiting to hear from you!