Senior Security Operations Engineer, Incident Response Program Lead

RobloxSan Mateo, CA
10hOnsite
Match Resume

About The Position

Every day, tens of millions of people come to Roblox to explore, create, play, learn, and connect with friends in 3D immersive digital experiences– all created by our global community of developers and creators. At Roblox, we’re building the tools and platform that empower our community to bring any experience that they can imagine to life. Our vision is to reimagine the way people come together, from anywhere in the world, and on any device. We’re on a mission to connect a billion people with optimism and civility, and looking for amazing talent to help us get there. A career at Roblox means you’ll be working to shape the future of human interaction, solving unique technical challenges at scale, and helping to create safer, more civil shared experiences for everyone. As a Senior member of the Security Operations team, you will serve as the Incident Response Program Lead at Roblox headquarters. In this pivotal role, you will hold the ultimate responsibility for building, improving, and scaling our SIRT capabilities across people, process, and technology. You will be the architect of our response maturity, moving us beyond ad-hoc firefighting into a structured, highly orchestrated operation. While you will still be hands-on during events, your primary focus will be force multiplying: ensuring that our alert pipeline, response procedures, tooling and capabilities integrate deeply with the rest of the company. You will work directly with leadership to influence the roadmap for the Security Incident Response Team, operate cohesively with SOC operations and ensure our team is equipped to protect Roblox’s platform, developers, and millions of users.

Requirements

  • Experience: 8+ years of experience across Infosec, IT, Infra/SRE, and/or Incident Response.
  • Specialization: 5+ years of experience specifically in Security Incident Response roles.
  • Program Building: Demonstrated experience not just running incidents, but building the program capabilities that support them. You have created IRPs, defined and maintained severity matrices, and influenced IR policy to meet the latest and best standards.
  • Incident Command: Proven ability to exist in and manage chaos. You have led enterprise-wide incidents and can confidently brief executive leadership during crises.
  • Technical Proficiency: Deep hands-on experience with security stack components (SIEM, EDR, IDS/IPS, SOAR). You know how o tune these tools to reduce noise and increase signal.
  • Framework Knowledge: Proficiency with Incident Response frameworks (NIST, SANS, Cyber Kill Chain, MITRE ATT&CK) and the ability to operationalize them.
  • Education: Bachelor's degree in Computer Science, Cybersecurity, or a related technical field; advanced degree preferred or equivalent experience.

Responsibilities

  • Lead the SIRT Program: Own the strategy and execution of the Incident Response program. Define success metrics, identify maturity gaps, and drive projects that scale our capabilities (People, Process, Technology).
  • Command Security Incidents: Serve as an Incident Commander for high-severity events, ensuring threats are mitigated with speed and professionalism.
  • Build & Scale Process: Create and maintain the "source of truth" for response—developing comprehensive runbooks, Incident Response Plans (IRPs), and workflows that standardize excellence across the team.
  • Drive Automation & Technology: Be a driving force in SOAR and response tooling. Identify manual toil and ruthlessly automate it to free up time for high-value hunting.
  • IR Mentorship & Training: Elevate the skills of the broader team. Design tabletop exercises, conduct post-incident reviews (blameless post-mortems), and ensure lessons learned are fed back into the program.
  • Collaborate Cross-Functionally: Become best friends with Legal, Privacy, Comms, HR and Engineering teams to ensure our incident response processes are legally sound and technically integrated.
  • Threat Hunt: Lead and participate in proactive threat hunting initiatives, using intelligence to hypothesis-test our environment against advanced adversaries.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Job Search Resources

Similar Senior Security Operations Engineer, Incident Response Program Lead job opportunities

Senior Security Engineer - Security Incident Response
Microsoft
Microsoft • Redmond, WA9d
Manager-Security Incident Response & Operations
American Specialty Health Incorporated
American Specialty Health Incorporated7d • $112,500 - $175,000 • Remote
Security Researcher
Microsoft
Microsoft13d
Senior Security Operations Manager, Detection Engineering & Incident Response
Pure Storage
Pure Storage • Santa Clara, CA6d • $225,000 - $338,000 • Onsite
Senior Security Operations Manager, Detection Engineering & Incident Response
Pure Storage
Pure Storage • Santa Clara, CA7d • $225,000 - $338,000 • Onsite
🔥 New JobIncident Response Team Lead
Agile Defense
Agile Defense • Reston, VA1d • Hybrid
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service