Riot Games was founded in 2006 by Brandon Beck and Marc Merrill with the intent to change the way video games are made and supported for players. In 2009, Riot released its debut title League of Legends to worldwide acclaim. The game has since gone on to become the most played PC game in the world and a key driver of the explosive growth of esports. Players are the foundation of our community and it’s for them we continue to evolve and improve the League of Legends experience. Riot Games is headquartered in Los Angeles, CA and has 23 offices worldwide. That's where you come in.

Riot Security Engineers and Analysts hold an in-depth knowledge of specific areas of expertise. We don't just focus on breaking things; we aggressively support teams across Riot to develop robust security capabilities which help protect player experiences. We relish the opportunity to work with new tech stacks and product teams, each with their own particular security risk profile and complex challenges.

At the most fundamental level, our goal is to help deliver value to players and make life harder for troublemakers.

As an Application Security Engineer, you will work closely with product teams globally to help build fun, safe and secure experiences for players. You will identify application security gaps and own projects to address them. Your deep knowledge of both the technical detail and player impact of security vulnerabilities will help you communicate potential issues to Rioters and improve the security of the player experience.

Responsibilities:

• Build projects that contribute towards Application Security’s long-term goals
• Mentor junior engineers and help level-up their deep understanding of Application Security
• Define security test strategies for complex systems, identifying security vulnerabilities
• Develop powerful security tools
• Build secure automation systems
• Educate and integrate security in a non-blocking way throughout the development cycle
• Develop relationships with engineering teams to understand their application security needs
• Evangelize application security and secure coding practices throughout Riot engineering
• Help level up our bug bounty program and provide researchers with an elite bug bounty experience
• Review code and hunt for security vulnerabilities before we release products to players
• Champion Application Security initiatives to product leads and engineers

Applicable Technologies:

• C#, JavaScript, Python or equivalent programming experience
• Burp Suite
• OWASP ZAP
• Static analysis tools
• System automation

It’s our policy to provide equal employment opportunity for all applicants and members of Riot Games, Inc. Riot Games makes reasonable accommodations for handicapped and disabled Rioters and does not unlawfully discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, handicap, veteran status, marital status, criminal history, or any other category protected by applicable federal and state law, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance relating to an applicant's criminal history (LAMC 189.00).