Senior Security Engineer

Riot engineers bring deep knowledge of specific technical areas but also value the opportunity to work in a variety of broader domains. As Security Engineers, we work with and assess both new and current technology, creating practical solutions to improve our security maturity level and protect Riot and our players.

As a Senior Security Engineer of InfoSec, you will work on a diverse team across the world to support information security protection and defense. You will act as a subject matter expert in certain infosec domains and be accountable for setting up the China security governance, providing security risk analysis and improving the security awareness. You will report to the China Head of Infosec.

Responsibilities:

• Manage and maintain the measurement to monitor and report on the control effectiveness in all information security area in China
• Ensure the local security governance fulfillment, e.g. MLPS
• Conduct security risk management tasks and collaborate with teams of different functions to encourage the security concept across the business process
• Localize the security policies, standards and guidelines, and ensure the implementation to the business operation
• Support the regional office network/endpoint security setup and review
• Be on rotational on-call for global infosec support and operational assessment
• Provide and support in meaningful security reviews on suppliers, platforms, and applications
• Liaise with business security champions for infosec practice implementation and security awareness promotion

Required Qualifications

• 6+ years of hands-on experience in security governance and risk management
• Bachelor’s degree or above
• Knowledge and understanding of information security frameworks and governance, e.g. MLPS, NIST, ISO 27001
• Experience in local security standards and regulations including filing, registration and assessment (CSL, DSL, PIPL)
• Demonstrate a high degree of operational knowledge in the risk management and vendor security management lifecycle
• Strong project management skills and multi-tasking management abilities across multiple teams with complex products and services in a diverse and dynamic environment
• Understanding of Network protocol (TCP/IP) and security practices (Segmentation, Firewalls, Etc.)
• Basic knowledge in scripting language, e.g. Perl, Python
• Good communication and interpersonal skills with an ability to proactively influence and collaborate with stakeholders, and translate technical concepts to non-technical audiences
• Must embrace Riot’s culture, values and missions

Desired Qualifications

• Knowledge of development, DevSecOps and SDLC methodologies
• Experience in application security including penetration test and code review

Don’t forget to include a resume and cover letter. We receive a lot of applications, but we’ll notice a fun, well-written intro that shows us you take play seriously.

For this role, you'll find success through craft expertise, a collaborative spirit, and decision-making that prioritizes the delight of players. We will be looking at your past studies, experience, and your personal relationship with games. If you embody player empathy and care about the experiences of players, this could be the role for you!

Our Perks:

Riot Games fosters a player and workplace experience that values teamwork embodied by the Summoner's Code and Community Code. Our culture embraces differences as a strength, and our values are the guiding principles for how we approach work. We are committed to putting diversity and inclusion (D&I) at the center of everything we do, and promoting a fair and collaborative culture where Rioters treat one another with dignity and respect. We encourage you to read more about our value of thriving together and our ongoing work to build the most inclusive company in gaming.