At a Glance
- Tasks: Design and build detection systems to protect millions of users on Roblox.
- Company: Join Roblox, a leading platform for immersive digital experiences.
- Benefits: Competitive salary, flexible work environment, and opportunities for professional growth.
- Other info: Work autonomously in a dynamic team and travel to the USA for collaboration.
- Why this job: Make a real impact by enhancing security for a global community.
- Qualifications: 10+ years in security engineering with strong automation and incident response skills.
The predicted salary is between 80000 - 100000 £ per year.
Every day, tens of millions of people come to Roblox to explore, create, play, learn, and connect with friends in 3D immersive digital experiences– all created by our global community of developers and creators. At Roblox, we’re building the tools and platform that empower our community to bring any experience that they can imagine to life. Our vision is to reimagine the way people come together, from anywhere in the world, and on any device. We’re on a mission to connect a billion people with optimism and civility, and looking for amazing talent to help us get there. A career at Roblox means you’ll be working to shape the future of human interaction, solving unique technical challenges at scale, and helping to create safer, more civil shared experiences for everyone.
As a founding member of the Security Operations team in EMEA, you will join us at an exciting time in Roblox’s SIRT & SOC program. You will design and build the detections, automation and tooling that let a lean team monitor and protect players, developers, employees and the platform at global scale and serve as security incident commander in the region. This is a highly autonomous role where you will be a primary decision-maker, core to our mission to maintain a highly capable 24/7/365 monitoring and response capability. While you will work in close collaboration with peers at our US West Coast Headquarters, the time difference requires an engineer who can operate independently, making critical decisions without immediate oversight.
We favor engineering our way out of toil through automation, orchestration, detections-as-code, and risk-based prioritization, while retaining the deep technical skills required to conduct detailed, hands-on analysis and lead response end-to-end when the situation warrants.
Work Environment: This role is based in London, UK. You will be working from a dedicated, private space located within a shared office environment, designed to enable collaboration while remaining secure.
You will:
- Build Detection & Response Systems: Design, write, and maintain production-quality detections, automations and integrations (detections-as-code, SOAR playbooks, data and enrichment pipelines) that scale our monitoring capability and reduce manual toil.
- Own Tooling & Platform: Develop and improve the tooling the global SIRT/SOC depends on alert quality and enrichment, case-management integrations and automation that powers reliable "follow-the-sun" hand-offs.
- Exercise High Autonomy: Act as the primary Incident Commander for the European time zone, making critical, time-sensitive decisions independently before US HQ comes online. You will serve as the senior-most security engineering point of contact in the region.
- Drive Strategy & Architecture: Shape the technical direction of the detection & response engineering function, specifically architecting how global hand-offs and "follow-the-sun" models can be optimized and automated.
- Command Security Incidents: Ensure serious threats and impacts are understood, mitigated, and learned from with speed and professionalism, often leading responses end-to-end without immediate escalation paths during local hours — and turning what you learn into durable, automated detections.
- Conduct Forensic Investigations & Threat Hunt: Dig into complex context to determine whether threats exist, take decisive action and proactively hunt for anomalous activity in our signals, distinguishing outliers from threats.
- Lead High-Profile Responses: Collaborate with Security and Engineering to lead responses to major vulnerabilities or platform-wide events.
- Collaborate Cross-Functionally: Work with Legal, HR, Executive teams, and external partners (Developers & Customers). You will also travel semi-regularly to the USA to visit HQ, ensuring deep alignment with central engineering and security leadership.
You have:
- Experience: 10+ years across security engineering, Infosec, IT, Infra/SRE, and/or Incident Response.
- Specialization: 7+ years specifically in Detection or Response, with a track record of building, writing detections, automation or security tooling, not solely operating.
- Engineering Proficiency: Comfortable writing and reviewing production-quality code (Scripting) and building automations, integrations and data pipelines that others depend on.
- Autonomous Leadership: Proven ability to work independently in satellite offices or distributed teams. You are comfortable being the "person in charge" during your shift and making calls that impact the business.
- Incident Command: Extensive experience operating as an incident commander. You can flex into deep engineering work but also possess the executive presence to coordinate responders and communicate status to leadership.
- Investigations: Expert-level capability investigating threats in enterprise and production environments, taking ownership from identification to resolution.
- Knowledge/Tools/Techniques: Deep understanding of security tooling (SIEM, EDR, IDS/IPS, NDR, SOAR) and experience extending or building on it. You are proficient in applying Incident Response frameworks (NIST IR Lifecycle, Cyber Kill Chain, MITRE ATT&CK) to real-world scenarios, and you collaborate effectively with engineering colleagues, leveraging extensive expertise across infrastructure and technologies (Public Cloud, OS, Virtualization, Containerization, Networking, Build/Development infrastructure, and Hardware).
- Education: Bachelor's degree in Computer Science, Cybersecurity, or a related technical field; advanced degree preferred or equivalent experience.
You are:
- A Builder-Operator: You would rather automate a problem out of existence than staff around it and you hold yourself to an engineering bar even under incident pressure.
- A Strategic Self-Starter: You don't wait for instructions. You identify gaps in coverage — especially those unique to regional or time-zone-specific challenges — and fix them.
- A Detailed Thinker: You enjoy exploring the details and considering the second- and third-order effects of your decisions.
- An Eager Problem Solver: You are drawn to complex issues rather than avoidant of them.
- Emboldened to Make Change: You instinctively ask what you can do to improve the situation rather than waiting to be prompted.
- Compelled by our Mission: You are driven by the opportunity to protect our community and the safe space we've created.
- A Calculated Risk Taker: You move fast, navigating reasonable risks to take action and build capabilities as quickly as possible.
Roles that are based in an office are onsite Tuesday, Wednesday, and Thursday, with optional presence on Monday and Friday (unless otherwise noted). Roblox provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Roblox also provides reasonable accommodations to candidates with qualifying disabilities or religious beliefs during the recruiting process.
StudySmarter Expert Advice🤫
We think this is how you could land Senior Security Engineer, Detection and Response in London
✨Get Involved in the Cybersecurity Community
Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!
✨Show Off Your Skills with Capture the Flag Competitions
Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Roblox, love seeing candidates who actively engage in these challenges.
✨Tailor Your Online Presence
Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!
✨Apply Directly Through Roblox
Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Roblox. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.
We think you need these skills to ace Senior Security Engineer, Detection and Response in London
Some tips for your application 🫡
Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!
Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!
Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Roblox insight into your practical problem-solving abilities and makes your application memorable.
Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Roblox that you’re committed to staying ahead in the game.
How to prepare for a job interview at Roblox
✨Sharpen Your Technical Skills
For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.
✨Prepare for Scenario-Based Questions
Expect the interviewers at Roblox to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.
✨Highlight Your Certifications
Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Roblox.
✨Show Your Passion for Cybersecurity
Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.