Senior Application Security Engineer

About the position

At Roblox, we are on a mission to connect a billion people with optimism and civility through immersive digital experiences. As a Senior Application Security Engineer, you will play a crucial role in ensuring the security of our applications and the safety of our community. This position involves taking ownership of various engagement projects across different tech stacks, identifying security gaps, and enabling secure designs and mitigations. You will have the opportunity to automate and scale application security practices across the company, contributing to a safer environment for our users. In this role, you will direct and assist in Product Security guidance and processes, defining how we establish and expand partnerships with critical engineering organizations within Roblox. You will contribute to the ramp-up of Trust-by-Design security initiatives and security awareness programming, ensuring that security is integrated into our development processes. Your responsibilities will include conducting evaluations of Bug Bounty issues, providing recommendations, and developing security education and training materials to communicate best practices across the organization. You will also plan and perform penetration testing, write secure libraries or code patches, and build and maintain CI/CD secure tooling. Testing application code using the OWASP Testing Methodology will be a key part of your role, ensuring that our applications are resilient against vulnerabilities. This hybrid in-office role will report directly to the Senior Engineering Manager of the Application Security team, allowing you to collaborate closely with other security professionals and engineers to enhance our security posture.