Product Security Senior Engineering Lead

Overview

Do you love fortifying the technology that powers unforgettable player experiences?

Do you enjoy collaborating with engineers and cross-disciplinary leads to understand their risks and craft practical, forward-thinking security solutions?

Are you curious about a wide range of engineering disciplines and invested in helping ship secure, reliable, and compliant systems?

As the Product Security Senior Engineering Lead, you will guide the strategy and execution of security initiatives that protect our games, services, and players at global scale. You will partner with game teams, Online Services, Central Tech, and external vendors to embed security best practices throughout our development lifecycle. By assessing requirements and risks across projects, and building alignment with the product security team and diverse stakeholders, you will identify the right security investments to keep ahead of ever-evolving adversaries.

RESPONSIBILITIES

• Ability to lead a Security Engineering team, a Security Analyst team, and a Machine Learning / Data Science team focused on the security space.
• Ability to own the technical vision for security architecture across our games and player-facing services.
• Ability to conduct threat modeling, risk assessments, and design reviews; translate findings into actionable roadmaps.
• Ability to partner with engineers to embed secure coding standards, automated checks, and vulnerability remediation into our pipelines.
• Ability to collaborate with Legal and Compliance teams.
• Ability to mentor and grow a high-performing security engineering, security analyst, and MLDS teams; forecast staffing needs and help recruit top talent.
• Ability to track emerging threats, oversee research of new defensive techniques, and champion a security-focused culture within Central Tech and the game teams.
• Ability to communicate risk and mitigation plans to leadership, and external partners with clarity and influence.

REQUIRED SKILLS

• Experience leading security engineering or application security programs for large-scale online services or games.
• Deep knowledge of game security architectures and associated security controls.
• Hands-on expertise with common attack vectors, secure SDLC, and automated vulnerability management.
• Strong technical and architectural ability (C++, C#, or similar) to advise and oversee technical implementations and maintain alignment.
• Demonstrated ability to align diverse stakeholders, balance risk versus velocity, and drive projects to completion.
• Excellent written and verbal communication skills, with an emphasis on clear, actionable guidance.

NICE-TO-HAVE SKILLS

• Experience protecting live, large-scale multiplayer games.
• Familiarity with anti-cheat, fraud prevention, or abuse mitigation technologies.
• Security certifications (e.g., CISSP, OSCP, CSSLP) or equivalent real-world expertise.

Listed below is this role's base pay range. In other locations that the company has approved for remote work, this pay range may be adjusted up to +/- 10% and some roles may be classified as non-exempt (hourly).

This range is determined by an array of factors, including training, transferable skills, work experience, business needs, and market demands. Additionally, it is subject to change and may be modified in the future.

In the journey to make incredible worlds, employees don't simply do meaningful work - they receive meaningful support. Competitive salaries and discretionary bonus opportunities are just the start. We offer comprehensive healthcare coverage, generous 401(k) matching, flexible time off policies, paid parental leave, social clubs, and so much more. Check out our benefits page: Benefits - Careers to see all the perks that come with joining.

So you don't meet every requirement listed in this job description? Do you think your experience level is not where it needs to be? Studies show that members of certain underrepresented groups are less likely to apply to jobs unless they believe they meet every single qualification. The company is focused on building a diverse, inclusive, and equitable workplace. If you're interested in this position but your past experience doesn't line up perfectly with every qualification in the job description, we want you to apply anyway. The right role for you may be right around the corner!

Most full-time employees will adopt a digital first approach allowing remote work in approved locations (outside of positions identified as 100% onsite in Bellevue/Seattle, or individuals preferring a hybrid/flex environment). Prospective full-time employees who are located outside of an approved state will need to establish residency in an approved state within 45 days of their start date. Contractors will follow a digital first approach adhering to the location guidelines agreed upon by our third-party employer/vendor. The company’s remote policy is subject to change at the company’s discretion.

The company provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Please be aware that fictitious job openings, consulting engagements, solicitations, or employment offers may be circulated on the Internet in an attempt to obtain privileged information, or to induce you to pay a fee for services related to recruitment or training. The company does NOT charge any application, processing, or training fee at any stage of the recruitment or hiring process. All genuine job openings will be posted here on our careers page and all communications from the recruiting team and/or hiring managers will be initiated from an @bungie.com email address.