Roblox aims to connect a billion people through immersive digital experiences while ensuring secure systems and empowering developers to create safely. The company is looking to scale application security through automation, secure libraries, and integration into CI/CD pipelines.
Requirements
- Proficiency in at least one programming language such as C/.NET, C++, JavaScript, Go, or Rust
- Experience in software or security architecture, including designing secure systems and services
- Experience with at least one scripting language such as Python, Bash, or Lua
- Knowledge in cryptography, PKI, and TLS, including practical implementation
- Familiarity with secure design reviews and threat modeling
- Strong understanding of common application and network vulnerability classes, their impact, and remediation strategies
- Background in integrating security into the Software Development Lifecycle (SDLC)
Responsibilities
- Design, build, and maintain internal application security tooling, services, and libraries
- Write production-quality code to enable secure-by-default patterns and abstractions
- Automate security workflows and integrate controls into CI/CD pipelines
- Partner closely with product and platform engineers to embed security early in system design
- Reproduce, assess, and drive remediation for vulnerability and bug bounty reports
- Develop secure reference implementations and reusable code examples
- Contribute to deep-dive security reviews, including threat modeling and penetration testing
Other
- 5+ years of relevant professional experience
- Ability to clearly communicate security concepts to engineering and product partners
- Knowledge in Linux and Windows operating systems and security fundamentals
- Own projects end-to-end in a fast-paced, ambiguous environment
- Participate in the AppSec on-call rotation and incident response as needed
