As a Senior member of the Security Operations team you will serve as the Incident Response Program Lead at Roblox this pivotal role you will hold the ultimate responsibility for building improving and scaling our SIRT capabilities across people process and will be the architect of our response maturity moving us beyond ad-hoc firefighting into a structured highly orchestrated operation. While you will still be hands-on during events your primary focus will be force multiplying: ensuring that our alert pipeline response procedures tooling and capabilities integrate deeply with the rest of the company. You will work directly with leadership to influence the roadmap for the Security Incident Response Team operate cohesively with SOC operations and ensure our team is equipped to protect Robloxs platform developers and millions of users.
You will:
- Lead the SIRT Program: Own the strategy and execution of the Incident Response program. Define success metrics identify maturity gaps and drive projects that scale our capabilities (People Process Technology).
- Command Security Incidents: Serve as an Incident Commander for high-severity events ensuring threats are mitigated with speed and professionalism.
- Build & Scale Process: Create and maintain the source of truth for responsedeveloping comprehensive runbooks Incident Response Plans (IRPs) and workflows that standardize excellence across the team.
- Drive Automation & Technology: Be a driving force in SOAR and response tooling. Identify manual toil and ruthlessly automate it to free up time for high-value hunting.
- IR Mentorship & Training: Elevate the skills of the broader team. Design tabletop exercises conduct post-incident reviews (blameless post-mortems) and ensure lessons learned are fed back into the program.
- Collaborate Cross-Functionally: Become best friends with Legal Privacy Comms HR and Engineering teams to ensure our incident response processes are legally sound and technically integrated.
- Threat Hunt: Lead and participate in proactive threat hunting initiatives using intelligence to hypothesis-test our environment against advanced adversaries.
You have:
- Experience: 8 years of experience across Infosec IT Infra/SRE and/or Incident Response.
- Specialization: 5 years of experience specifically in Security Incident Response roles.
- Program Building: Demonstrated experience not just running incidents but building the program capabilities that support them. You have created IRPs defined and maintained severity matrices and influenced IR policy to meet the latest and best standards.
- Incident Command: Proven ability to exist in and manage chaos. You have led enterprise-wide incidents and can confidently brief executive leadership during crises.
- Technical Proficiency: Deep hands-on experience with security stack components (SIEM EDR IDS/IPS SOAR). You know how o tune these tools to reduce noise and increase signal.
- Framework Knowledge: Proficiency with Incident Response frameworks (NIST SANS Cyber Kill Chain MITRE ATT&CK) and the ability to operationalize them.
- Education: Bachelors degree in Computer Science Cybersecurity or a related technical field; advanced degree preferred or equivalent experience.
Required Experience:
Senior IC
As a Senior member of the Security Operations team you will serve as the Incident Response Program Lead at Roblox this pivotal role you will hold the ultimate responsibility for building improving and scaling our SIRT capabilities across people process and will be the architect of our response mat...
As a Senior member of the Security Operations team you will serve as the Incident Response Program Lead at Roblox this pivotal role you will hold the ultimate responsibility for building improving and scaling our SIRT capabilities across people process and will be the architect of our response maturity moving us beyond ad-hoc firefighting into a structured highly orchestrated operation. While you will still be hands-on during events your primary focus will be force multiplying: ensuring that our alert pipeline response procedures tooling and capabilities integrate deeply with the rest of the company. You will work directly with leadership to influence the roadmap for the Security Incident Response Team operate cohesively with SOC operations and ensure our team is equipped to protect Robloxs platform developers and millions of users.
You will:
- Lead the SIRT Program: Own the strategy and execution of the Incident Response program. Define success metrics identify maturity gaps and drive projects that scale our capabilities (People Process Technology).
- Command Security Incidents: Serve as an Incident Commander for high-severity events ensuring threats are mitigated with speed and professionalism.
- Build & Scale Process: Create and maintain the source of truth for responsedeveloping comprehensive runbooks Incident Response Plans (IRPs) and workflows that standardize excellence across the team.
- Drive Automation & Technology: Be a driving force in SOAR and response tooling. Identify manual toil and ruthlessly automate it to free up time for high-value hunting.
- IR Mentorship & Training: Elevate the skills of the broader team. Design tabletop exercises conduct post-incident reviews (blameless post-mortems) and ensure lessons learned are fed back into the program.
- Collaborate Cross-Functionally: Become best friends with Legal Privacy Comms HR and Engineering teams to ensure our incident response processes are legally sound and technically integrated.
- Threat Hunt: Lead and participate in proactive threat hunting initiatives using intelligence to hypothesis-test our environment against advanced adversaries.
You have:
- Experience: 8 years of experience across Infosec IT Infra/SRE and/or Incident Response.
- Specialization: 5 years of experience specifically in Security Incident Response roles.
- Program Building: Demonstrated experience not just running incidents but building the program capabilities that support them. You have created IRPs defined and maintained severity matrices and influenced IR policy to meet the latest and best standards.
- Incident Command: Proven ability to exist in and manage chaos. You have led enterprise-wide incidents and can confidently brief executive leadership during crises.
- Technical Proficiency: Deep hands-on experience with security stack components (SIEM EDR IDS/IPS SOAR). You know how o tune these tools to reduce noise and increase signal.
- Framework Knowledge: Proficiency with Incident Response frameworks (NIST SANS Cyber Kill Chain MITRE ATT&CK) and the ability to operationalize them.
- Education: Bachelors degree in Computer Science Cybersecurity or a related technical field; advanced degree preferred or equivalent experience.
Required Experience:
Senior IC
View more
View less