Senior Security Software Engineer, Application Security
About The Position
Every day, tens of millions of people come to Roblox to explore, create, play, learn, and connect with friends in 3D immersive digital experiences– all created by our global community of developers and creators. At Roblox, we’re building the tools and platform that empower our community to bring any experience that they can imagine to life. Our vision is to reimagine the way people come together, from anywhere in the world, and on any device. We’re on a mission to connect a billion people with optimism and civility, and looking for amazing talent to help us get there. A career at Roblox means you’ll be working to shape the future of human interaction, solving unique technical challenges at scale, and helping to create safer, more civil shared experiences for everyone. The Security organization at Roblox is responsible for designing and engineering secure systems from inception through production. We define security standards, build scalable controls, and enable product and infrastructure teams to operate securely by default. The Application Security team partners closely with engineering teams early in the development lifecycle to drive secure architectures, establish standards, and deliver scalable security solutions. As a Senior Security Software Engineer - Application Security, you will be a hands-on engineer who designs, builds, and ships security solutions that integrate directly into developer workflows and platforms. You will play a key role in scaling application security through automation, CI/CD integrations, secure libraries, and reusable patterns. In this role, you will help define how security is embedded across the software development lifecycle at Roblox, balancing deep technical work (threat modeling, code review, penetration testing) with systemic solutions that reduce risk at scale. You will also participate in AppSec on-call rotations and contribute to security tooling and platform evolution.
Requirements
- 6+ years of experience in software engineering, application security, or security engineering
- Strong coding skills in at least one language (e.g., Python, Go, C#, JavaScript, Rust, C++)
- Build and scale security automation in CI/CD pipelines (SAST, SCA, secrets detection, and fuzzing)
- Solid understanding of application security fundamentals (OWASP Top 10, auth models, common vulnerabilities and mitigations)
- Background with cloud environments, and modern architectures (microservices, APIs)
- Working knowledge of Linux/Windows systems, networking fundamentals, and system-level security
- Experience designing and implementing secure, scalable systems, including APIs, microservices, and distributed architectures
- Ability to translate security risks into practical, scalable engineering solutions
- Bachelor’s degree in a relevant field or equivalent practical experience
Nice To Haves
- Experience building security platforms, tools, or developer frameworks
- Knowledge of cryptography, PKI, TLS, and secure implementations
- Experience with container security and Kubernetes
- Experience building internal security platforms or developer tooling
- Background of supply chain security (SBOMs, signing, provenance, build integrity)
Responsibilities
- Integrate security into CI/CD pipelines and drive secure-by-default engineering practices
- Design and build security controls, libraries, and guardrails directly in code
- Develop and scale automated security tooling across CI/CD (SAST, dependency scanning, secrets detection, fuzzing, etc.)
- Build and improve detection and prevention mechanisms for abuse, data exfiltration, and supply chain risks
- Automate vulnerability triage, prioritization, and remediation workflows at scale
- Integrate security into developer workflows and internal platforms to reduce friction and increase adoption
- Design and implement security controls for agentic and AI-assisted workflows, building guardrails to mitigate risks such as prompt injection, data exfiltration, and misuse of developer and system privileges
- Contribute to secure system design and architecture reviews, including threat modeling for new products and features
Benefits
- equity compensation
- health insurance
- dental insurance
- vision insurance
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
