Security Engineer
Roku · Austin, Texas · Posted Jul 9, 2026
Apply on company site Track it in JobSkout
Teamwork makes the stream work.
Roku is changing how the world watches TV
Roku is the #1 TV streaming platform in the U.S., Canada, and Mexico, and we've set our sights on powering every television in the world. Roku pioneered streaming to the TV. Our mission is to be the TV streaming platform that connects the entire TV ecosystem. We connect consumers to the content they love, enable content publishers to build and monetize large audiences, and provide advertisers unique capabilities to engage consumers.
From your first day at Roku, you'll make a valuable - and valued - contribution. We're a fast-growing public company where no one is a bystander. We offer you the opportunity to delight millions of TV streamers around the world while gaining meaningful experience across a variety of disciplines.
About the Team
The Roku trust engineering team is a close-knit group of professionals passionate about information security. Our mission is to protect our customers, partners, devices, services, infrastructure, and data. We work collaboratively, sharing insights and expertise to stay ahead of the curve. Join us, and you’ll be part of a dynamic team that thrives on challenges and celebrates victories together.
About the Role
As a Security Engineer on the Trust engineering team, you will support the design, implementation, and management of Roku’s end-to-end security systems and controls that impact a global user base. Key responsibilities will include supporting the development of security controls, managing and maintaining SIEM/SOAR tooling and threat intelligence platforms, conducting technical incident response, managing vulnerability and risk assessments, and mentoring more junior analysts. You will collaborate with teams within Trust engineering and across the wider organization to support, develop, and influence strong security practices and postures.
What you will be doing
Trust Information Security Operations, s upporting the design and implementation of information security systems and frameworks, including threat prevention, detection and mitigation tools
Manage, maintain and optimize security information and event management (SIEM) platforms and associated security infrastructure
Detect and respond to information security incidents, investigate security incidents, identify attack vectors, and lead containment/eradication/recovery efforts
Create detailed incident reports, lead post-incident reviews, document lessons learned, and contribute to compliance reporting
Threat Hunting Proactive Measures: Hunt for undetected threats, tune security tools, refine detection rules, and address false positives
Vulnerability management, analysis, oversee the vulnerability management lifecycle and reporting, support prioritization and advise relevant stakeholders on vulnerability status and postures
Security controls, identify risks in new and existing projects and environments and support the implementation of necessary security controls to meet business needs
Support the implementation of security orchestration, automation and response (SOAR) playbooks and procedures in order to improve response times and ensure a consistent approach to incidents
Provide mentorship and support to more junior analysts, and act as an escalation point for complex issues
Support in testing and evaluation of security products and solutions
Support the development and management of the security operations centre (SOC) function as it is built up and developed into the future
Raise awareness of security policies and best practices across the organization. And continue to contribute to the ongoing development of best practices, procedures and security training across the organization
We are excited if you have
Strong understanding of SIEM, EDR, cloud security services (e.g., AWS GuardDuty), and various security technologies
Experience in automation and development of automated playbooks and associated processes in security orchestration, automation and response (SOAR) environments
Experience in the creation of incident response plans and leading incident response efforts, and post-incident reporting when required
Threat intelligence, knowledge of tactics, techniques, and procedures (TTPs) utilized by threat actors and how to generate and deploy mitigation strategies
Vulnerability management, monitoring, reporting and engagement with necessary stakeholders to ensure timely remediation
Can demonstrate a strong understanding of network security principles and encryption technologies
Experience with security change management processes and procedures
Demonstrate experience of risk assessment and advisory capabilities on both internal systems and products/solutions from third-party vendors (SaaS, AI, etc)
Experience in contributing to the development, implementation and management of security policies and procedures
Strong knowledge of security frameworks and industry best practices – such as ISO 270001, NIST, PCI-DS…