Roblox - San Mateo, CA

posted 11 days ago

Full-time - Senior
San Mateo, CA
Professional, Scientific, and Technical Services

About the position

As an Offensive Security Engineer at Roblox, you will be a key member of the Detection and Response team (DART), leading offensive security assessments to enhance the company's defense capabilities. Your role will involve collaborating with various teams to identify security weaknesses, validate detection mechanisms, and provide actionable recommendations to improve security posture. You will also focus on developing repeatable testing frameworks and metrics-driven security improvements, contributing to a safer and more civil shared experience for users.

Responsibilities

  • Lead offensive security assessments across the entire technology stack.
  • Collaborate with detection engineers through purple team exercises, attack simulations, and threat emulation to improve detection coverage.
  • Build and maintain security testing tools, BAS frameworks, and automation scripts for repeatable testing and quantifiable security improvements.
  • Design and implement frameworks to measure security control effectiveness and detection coverage over time.
  • Stay current with the latest attack techniques, tools, and methodologies while building out both offensive and defensive security improvements.
  • Share knowledge across security teams and foster a culture of continuous security improvement.

Requirements

  • 7+ years of professional experience in offensive security, with experience in purple team exercises and detection engineering teamwork.
  • Proficiency in Python or Go for building security tooling and automation, including experience with SOAR platforms.
  • Experience performing full-stack security assessments of web applications, APIs, cloud infrastructure, and backend systems.
  • Experience implementing and managing breach attack simulation platforms while working with detection engineering teams.
  • Deep understanding of OWASP Top 10 vulnerabilities, common attack techniques, exploit development, and security assessment frameworks.
  • Knowledge of security concepts including reverse engineering, cloud security, container security, CI/CD pipeline security, and API security.
  • Certifications such as OSCP, OSCE, GXPN, or equivalent practical experience.
  • Strong analytical and problem-solving abilities, excellent technical writing skills, and the ability to communicate complex technical concepts clearly.

Benefits

  • Industry-leading compensation package
  • Excellent medical, dental, and vision coverage
  • A rewarding 401k program
  • Flexible vacation policy
  • Free catered lunches five times a week
  • Onsite fitness center and fitness program credit
  • Annual Caltrain Go Pass