Security Software Engineer

Confirmed live in the last 24 hours

Roku

Austin, Texas

Hybrid

Posted April 16, 2026

Job Description

Teamwork makes the stream work.

Roku is changing how the world watches TV

Roku is the #1 TV streaming platform in the U.S., Canada, and Mexico, and we've set our sights on powering every television in the world. Roku pioneered streaming to the TV. Our mission is to be the TV streaming platform that connects the entire TV ecosystem. We connect consumers to the content they love, enable content publishers to build and monetize large audiences, and provide advertisers unique capabilities to engage consumers.

From your first day at Roku, you'll make a valuable - and valued - contribution. We're a fast-growing public company where no one is a bystander. We offer you the opportunity to delight millions of TV streamers around the world while gaining meaningful experience across a variety of disciplines.

About the team

The Roku Trust Engineering team is a close-knit group of professionals with a passion for information security. Our mission is to protect our customers, partners, devices, services, infrastructure, and data. We work collaboratively, sharing insights and expertise to stay ahead of the curve. Join us, and you’ll be part of a dynamic team that thrives on challenges and celebrates victories together.

About the role

As a Senior Security Engineer on the Trust Cloud team, your role involves architecting, designing, and implementing end-to-end security controls to impact the global user base. A key focus is on developing automated, scalable security solutions to enhance efficiency and protect Roku. This position requires expertise in cloud devops and the tools and controls to affect cloud security at scale.

What you’ll be doing

Designing and implementing scalable, automated security controls for AWS and GCP using infrastructure-as-code, configuration-as-code, and policy-as-code approaches (Terraform, etc.), and developing supporting automation in Go or Python.
Partnering with infrastructure, platform, and application teams to embed security into application architectures and deployment workflows as part of a robust Secure Software Development Lifecycle (SSDLC).
Conducting security reviews and performing threat modeling for infrastructure, platform, and application initiatives.
Improving IAM implementations, network configurations, DNS security, and other cloud resource management practices.
Designing and implementing integrations with third-party security platforms to automate vulnerability management, secret detection, and cloud posture monitoring, ensuring findings are actionable and seamlessly integrated into engineering workflows.
Respond to cloud security incidents and use your devops skils to help triage, contain, remediate, and report
Leverage AI to accelerate your learning and enhance your work products
Driving security initiatives end-to-end — from identifying risks to delivering solutions — with high autonomy in a fast-moving environme