Apply here: https://careers.roblox.com/jobs/6254544
As a Senior Security Engineer on the Detection and Response (DART) team at Roblox, you'll play a key role developing and implementing effective detection strategies, triage and investigation techniques, and automations for response workflows to defend our critical assets from threat actors. You will actively investigate events, lead real-time incident response, and analyze threat actor techniques to prioritize emerging threats, ensuring Roblox is equipped to mitigate and react to critical challenges. We play a vital part in ensuring the safety of our community and enterprise by proactively fostering an impactful, respectful, and inclusive security culture. This is a hybrid in-office role.
You will:
- Be a detection and response authority! Set strategy and build threat detection systems (keeping false positives low) while also automating processes with scripts, playbooks, and orchestration tooling. With autonomy and end-to-end responsibility, you’ll deliver robust detection & response capabilities.
- Conduct security operations: Actively monitor security events and participate in on-call rotations, leading real-time incident response to contain and mitigate potential security issues.
- Build strong relationships: Collaborate with internal teams like InfoSec, Engineering, Product, and Trust and Safety to design scalable solutions.
- Help grow the DART team: Guide and support junior engineers' careers and contribute to hiring.
You have:
- 4+ years of experience in Detection and Response, with a passion for security engineering, threat detection, threat hunting, and incident management.
- Engineering experience with SIEM, EDR, NDR, and SOAR technologies: You have onboarded logs in your sleep and built custom detections/automations for complex environments.
- Conducted incident response: Structured, mature incident response processes are your vocabulary to swiftly resolve security incidents. Afterwards, you use evidence and data to tell the story and ensure action items are meticulous and complete.
- Scripting and automation skills: Proficiency in languages like Python, Bash, or similar, as well as SOAR tools.
- Familiarity across multiple domains: Deep understanding of network protocols, operating systems, cloud environments, virtualized hosts, and containers, in order to identify potential threats to each.
- Core security skills: Analytical thinking, crisis management, root cause analysis, and problem-solving, with a meticulous approach to identifying, investigating, and responding to incidents.
You are:
- Emotionally intelligent: You relish working with teammates and partners as you provide calm leadership during crisis situations and solve sophisticated security challenges.
- Team-oriented and communicative: Skilled at influencing and working across teams to deliver solutions that align with business goals while driving the security mission forward.
- Adaptable and creative: Comfortable with ambiguity, you can quickly gather data to make informed decisions, and you approach sophisticated problems with creativity and speed.
- Pragmatic: Adept at balancing open-source and commercial tools to find the right fit for security challenges.