Application Security Engineer
Riot Games was established in 2006 by entrepreneurial gamers who believe that player-focused game development can result in great games. In 2009, Riot released its debut title League of Legends to critical and player acclaim. As the most played PC game in the world, over 100 million play every month. Players form the foundation of our community and it’s for them that we continue to evolve and improve the League of Legends experience.
We’re looking for humble but ambitious, razor-sharp professionals who can teach us a thing or two. We promise to return the favor. Like us, you take play seriously; you’re passionate about games. We embrace those who see things differently, aren’t afraid to experiment, and who have a healthy disregard for constraints.
That’s where you come in.
As an Application Security Engineer, you’ll work closely with product teams globally to help build fun, safe and secure experiences for players. You’ll identify application security gaps and own projects to address them. Your ability to understand both the technical detail and player impact of security vulnerabilities will help you communicate potential issues to Rioters, improving the security of the player experience.
- Player-focused: you're a gamer whose passion for games (especially League of Legends) helps you stay focused on initiatives that make the difference to players in and out of the game
- A threat to convention: bored by what's considered traditional, you constantly push past limits until the status is no longer quo; you don't "think outside the box" because, hey, there's no box
- Focused on team: you find, shape, and cultivate teams that don't just swing for the fences, they jack that (metaphorical) baseball beyond the stars; you help Rioters develop the tools and creative atmosphere to shine, but ultimately hold them accountable for making smart calls and delivering capital-V value
- Seriously playful: you work hard but always leave time for pentakills; whether you're grabbing a game of League in our onsite PC Bang or rapidly sharing cat GIFs, you make time for daily play in all of its wonderful forms
- Humbitious: you're ambitious but humble, a state of being summed up by fans of portmanteau as "humbitious;" always shooting for the stars, you never forgo rounds of feedback from teammates, players, and partners who keep you from drifting off into space
- Define security test strategies for complex systems which place wards throughout Riots code base, identifying security vulnerabilities before they gank us harder than a fed Rengar
- Develop powerful security tools using a variety of programming languages. You will also be experienced using tools such as Burp Suite and OWASP ZAP and understand how to build automation systems with them to help engineers ship fun and secure experiences to our players
- Work with product and test teams throughout the development cycle, integrating security in an non blocking way and educating along the way
- As a support champion for Riot software engineers you will develop relationships with engineering teams to understand their application security needs
- Passionately evangelize application security and secure coding practices throughout Riot engineering by creating relationships with engineers and team leaders. Recruit engineers into our growing Security Champions program, and support Champions as they strive to make Riot's products as secure as they can be.
- Review code and hunt for security vulnerabilities before we release products to players
- Passionately help us level up our bug bounty program to provide researchers with a world class bug bounty experience
Additional insight into applying to Riot Engineering is available on our discipline page
Don’t forget to include a resume and cover letter. We receive a lot of applications, but we’ll notice a fun, well-written intro that shows us you take play seriously.