Application Security Engineer
In 2009, Riot released its debut title League of Legends and over 100 million people now play the game every month. Whether you're in Rio, Seoul, or Moscow, you can find an excited and engaged community of League players. Delivering content to a global audience of millions of players whilst also building new games affords Riot's Engineering discipline with a mountain of exciting and technically complex challenges. That's where you come in.
Riot Security Engineers and Analysts hold an in-depth knowledge of specific areas of expertise. We don't just focus on breaking things; we aggressively support teams across Riot to develop robust security capabilities which help protect player experiences. We relish the opportunity to work with new tech stacks and product teams, each with their own particular security risk profile and complex challenges.
At the most fundamental level, our goal is to help deliver value to players and make life harder for troublemakers.
As an Application Security Engineer, you will work closely with product teams globally to help build fun, safe and secure experiences for players. You will identify application security gaps and own projects to address them. Your deep knowledge of both the technical detail and player impact of security vulnerabilities will help you communicate potential issues to Rioters and improve the security of the player experience.
- Build projects that contribute towards Application Security’s long-term goals
- Mentor junior engineers and help level-up their deep understanding of Application Security
- Define security test strategies for complex systems, identifying security vulnerabilities
- Develop powerful security tools
- Build secure automation systems
- Educate and integrate security in a non-blocking way throughout the development cycle
- Develop relationships with engineering teams to understand their application security needs
- Evangelize application security and secure coding practices throughout Riot engineering
- Help level up our bug bounty program and provide researchers with an elite bug bounty experience
- Review code and hunt for security vulnerabilities before we release products to players
- Champion Application Security initiatives to product leads and engineers
- Burp Suite
- OWASP ZAP
- Static analysis tools
- System automation
It’s our policy to provide equal employment opportunity for all applicants and members of Riot Games, Inc. Riot Games makes reasonable accommodations for handicapped and disabled Rioters and does not unlawfully discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, handicap, veteran status, marital status, criminal history, or any other category protected by applicable federal and state law, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance relating to an applicant's criminal history (LAMC 189.00).