Job details

Principal Security Engineer, Detection & Response

Every day, tens of millions of people come to Roblox to explore, create, play, learn, and connect with friends in 3D immersive digital experiences– all created by our global community of developers and creators.

At Roblox, we’re building the tools and platform that empower our community to bring any experience that they can imagine to life. Our vision is to reimagine the way people come together, from anywhere in the world, and on any device. We’re on a mission to connect a billion people with optimism and civility, and looking for amazing talent to help us get there.

A career at Roblox means you’ll be working to shape the future of human interaction, solving unique technical challenges at scale, and helping to create safer, more civil shared experiences for everyone.

As a Principal Security Engineer you will be a foundational member of the detection and response team responsible for the protection of Roblox’s intellectual property, trade secrets, and confidential information. You will lead, coordinate, and deliver Roblox security program achievements by communicating with stakeholders across security and engineering. You will be a key contributor in supporting other security teams and driving business-friendly security and developing processes along with improvements. This role will have a direct, immediate, and positive impact on our internal security, external customers, and the hundreds of millions of users that use and rely on Roblox.

You Have:

8+ years of experience in working on a security detection and response team and have niche expertise in proactive alert development and reactive response to intellectual property, trade secrets, and confidential information.
Experience in automation in Python, Bash, Go, similar languages, or security orchestration
Knowledgeable in detection engineering, endpoint detection and response tooling, intrusion detection, threat hunting, threat modeling, common IOCs/TTPs, and initial access techniques for insider risks
Expertise with SOAR, UAM, SIEM, DLP, and UEBA technologies
Have an executive presence with superb communication skills and ability to collaborate with multiple teams and intelligence source groups both internal and external to the organization
Have experience responding to high severity investigations and the ability to conduct technical response.

You Will:

Be responsible for developing an alerting system to protect Roblox’s intellectual property, trade secrets, and confidential information.
Build runbooks, procedures, and orchestration for triage
Conduct timely investigation summaries with relevant collaborators such as Roblox Employment Legal, Roblox Legal, and Roblox Security Leadership
Spearhead, strategize, and collaborate to mature the detection and response program at Roblox
Respond to alerts, review logs, conduct threat hunts, and further enhance our proactive monitoring and alerting.
Lead tabletop exercises with key stakeholders and partners
Develop metrics around monitoring, detection, response, and forecasting
Work with sister security teams to reduce threat surface areas and raise security awareness
Evaluate, recommend, and improve upon existing technical and non-technical solutions to detect and respond to potential risks and threats

For roles that are based at our headquarters in San Mateo, CA: The starting base pay for this position is as shown below. The actual base pay is dependent upon a variety of job-related factors such as professional background, training, work experience, location, business needs and market demand. Therefore, in some circumstances, the actual salary could fall outside of this expected range. This pay range is subject to change and may be modified in the future. All full-time employees are also eligible for equity compensation and for benefits.

Annual Salary Range

$283,780—$331,640 USD

Roles that are based in our San Mateo, CA Headquarters are in-office Tuesday, Wednesday, and Thursday, with optional in-office on Monday and Friday (unless otherwise noted).

You’ll Love:

Industry-leading compensation package
Excellent medical, dental, and vision coverage
A rewarding 401k program
Flexible vacation policy (varies by exemption status)
Roflex - Flexible and supportive work policy
Roblox Admin badge for your avatar
At Roblox HQ:

Free catered lunches five times a week and several fully stocked kitchens with unlimited snacks
Onsite fitness center and fitness program credit
Annual CalTrain Go Pass

Roblox provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Roblox also provides reasonable accommodations for all candidates during the interview process.

Average salary estimate

$307710 / YEARLY (est.)

min

max

$283780K

$331640K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Principal Security Engineer, Detection & Response, Roblox

At Roblox, we thrive on creativity, collaboration, and innovation, and we're on the lookout for an experienced Principal Security Engineer in Detection & Response to join our dynamic team in San Mateo, CA. As a foundational member of our detection and response team, you'll be pivotal in safeguarding Roblox’s valuable intellectual property and confidential information. Every day, millions of users turn to Roblox to create and share delightful experiences, and your role will ensure that these engagements are secure and trustworthy. You’ll build a robust alerting system, lead investigations, and partner with teams across the organization to enhance our security posture. With over 8 years of experience in security detection and response, you bring a wealth of knowledge that includes automation in Python or similar languages, as well as expertise in threat modeling, intrusion detection, and more. Your leadership will extend to conducting impactful tabletop exercises and driving improvements in our security processes. Plus, at Roblox, you’ll enjoy industry-leading compensation, excellent benefits, and a flexible, supportive work environment that acknowledges the importance of work-life balance. Join us in reshaping the future of gaming and community engagement while working in a place that values creativity and the power of teamwork. Together, we can create safer digital experiences for our passionate community of developers and players worldwide.

Frequently Asked Questions (FAQs) for Principal Security Engineer, Detection & Response Role at Roblox

What qualifications do I need to become a Principal Security Engineer at Roblox?

To be considered for the Principal Security Engineer, Detection & Response position at Roblox, you'll need at least 8 years of experience in a security detection and response team. Candidates should have niche expertise in proactive alert development and a strong understanding of automation, detection engineering, and threat modeling. Familiarity with technologies such as SIEM, SOAR, UEBA, and experience responding to high-severity investigations are also essential.