Every day, tens of millions of people come to Roblox to explore, create, play, learn, and connect with friends in 3D immersive digital experiences- all created by our global community of developers and creators.
At Roblox, we're building the tools and platform that empower our community to bring any experience that they can imagine to life. Our vision is to reimagine the way people come together, from anywhere in the world, and on any device.We're on a mission to connect a billion people with optimism and civility, and looking for amazing talent to help us get there.
A career at Roblox means you'll be working to shape the future of human interaction, solving unique technical challenges at scale, and helping to create safer, more civil shared experiences for everyone.
Security at Roblox is responsible for engineering and designing secure systems from inception through production, defining security standards and processes, and enabling product and infrastructure teams to build securely by default. The Application Security (AppSec) team works closely with engineering partners early in the design and development lifecycle to provide secure architectures, standards, and scalable solutions.
As a Senior Security Software Engineer in Application Security, you will be a hands-on security engineer who designs, builds, and ships security solutions. This is a hybrid in-office role and you will report to the Senior Manager leading our Application Security team responsible for Secure Software Development Lifecycle at Roblox.
In this role, you will help define how application security scales at Roblox through automation, secure libraries, CI/CD integrations, and reusable patterns, while also contributing to deep-dive reviews such as threat modeling, code review, and penetration testing. Members of the AppSec team also participate in the AppSec on-call rotation and tooling evaluations.
You will:- Design, build, and maintain internal application security tooling, services, and libraries
- Write production-quality code to enable secure-by-default patterns and abstractions
- Automate security workflows and integrate controls into CI/CD pipelines
- Partner closely with product and platform engineers to embed security early in system design
- Reproduce, assess, and drive remediation for vulnerability and bug bounty reports
- Develop secure reference implementations and reusable code examples
- Contribute to deep-dive security reviews, including threat modeling and penetration testing
- Support and improve security tooling and processes at scale
- Participate in the AppSec on-call rotation and incident response as needed
You have:- 5+ years of relevant professional experience
- Proficiency in at least one programming language such as C#/.NET, C++, JavaScript, Go, or Rust
- Experience in software or security architecture, including designing secure systems and services
- Experience with at least one scripting language such as Python, Bash, or Lua
- Knowledge in cryptography, PKI, and TLS, including practical implementation
- Familiarity with secure design reviews and threat modeling
- Strong understanding of common application and network vulnerability classes, their impact, and remediation strategies
- Background in integrating security into the Software Development Lifecycle (SDLC)
- Owned projects end-to-end in a fast-paced, ambiguous environment
- Ability to clearly communicate security concepts to engineering and product partners
- Knowledge in Linux and Windows operating systems and security fundamentals
Nice to have:- Experience working in microservice or distributed system environments
- Relevant certifications such as OWASP, CSSLP, CISSP, GIAC, GSEC, or CISM
For roles that are based at our headquarters in San Mateo, CA: The starting base pay for this position is as shown below. The actual base pay is dependent upon a variety of job-related factors such as professional background, training, work experience, location, business needs and market demand. Therefore, in some circumstances, the actual salary could fall outside of this expected range. This pay range is subject to change and may be modified in the future. All full-time employees are also eligible for equity compensation and for benefits as described on
this page.
Annual Salary Range
$249,860-$324,470 USD
Roles that are based in an office are onsite Tuesday, Wednesday, and Thursday, with optional presence on Monday and Friday (unless otherwise noted).
Roblox provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Roblox also provides reasonable accommodations to candidates with qualifying disabilities or religious beliefs during the recruiting process.
Never miss an opportunity! Create an alert based on the job you applied for.
