Staff Product Security Engineer

<div class="content-intro"><h2 data-pm-slice="1 1 []">About Crunchyroll</h2> <p>Founded by fans, Crunchyroll delivers the art and culture of anime to a passionate community. We super-serve over 100 million anime and manga fans across 200+ countries and territories, and help them connect with the stories and characters they crave. Whether that experience is online or in-person, streaming video, theatrical, games, merchandise, events and more, it’s powered by the anime content we all love.</p> <p>Join our team, and help us shape the future of anime!</p></div><h2>About the role</h2> <p data-pm-slice="1 1 []">Crunchyroll is growing and changing, presenting unique challenges and opportunities to support millions of anime fans around the world. The Fan Experiences Services Tools team provides seamless help to our partners and internal stakeholders, ensuring an exceptional experience for all Crunchyroll fans.</p> <p>Our charter is focused on helping our internal and external teams around the world integrate, test, and deploy the Crunchyroll applications quickly and with the highest levels of quality. We do this with tools and infrastructure that optimize the developer experience. We tie it all together with sophisticated automated testing and productivity solutions designed to support our culture of experimentation, autonomy and ownership. Our goal is to focus on delivering the best possible anime fan experience.</p> <p>You will:</p> <ul> <li> <p><strong>Security Strategy Leadership:</strong> Lead, mentor, and grow the Application Security team. Define the long-term roadmap for <strong>Mobile, Desktop, and Game</strong> security to proactively mitigate reverse engineering, piracy, and cheating.</p> </li> <li> <p><strong>Binary Defense Architecture:</strong> Oversee the design and implementation of binary protection strategies. Direct the evaluation and integration of anti-tamper, obfuscation, and RASP solutions (e.g., Promon, Guardsquare) ensuring minimal impact on game FPS, app performance and user experience.</p> </li> <li> <p><strong>Game Integrity Anti-Cheat:</strong> Collaborate with game studios to design "server-authoritative" economies and implement client-side detections for memory manipulation, touch macros, and modded APKs.</p> </li> <li> <p><strong>Trust Identity Management:</strong> Architect robust chains of trust for the ecosystem. Manage code signing certificates, secure boot processes, and the integration of hardware-backed storage (TEE) for sensitive keys.</p> </li> <li> <p><strong>Vulnerability Research Validation:</strong> Lead internal or external "red team" initiatives using reverse engineering tools (IDA Pro, Frida) to simulate attacks against our apps and games. Validate the effectiveness of binary defenses and attestation checks before release.</p> </li> <li> <p><strong>Content Protection Engineering:</strong> Collaborate with media engineering to harden DRM implementations (Widevine, FairPlay). Ensure secure handling of media keys and enforce output protection (HDCP).</p> </li> </ul> <p>In the role of Staff Product Security Engineer, you will report to the Senior Director of Fan Experience Engineering Service Tools. We are considering applicants for the location of Dallas, Los Angeles, or San Francisco.</p> <h2>About You</h2> <p>We get excited about candidates, like you, because you have...</p> <ul> <li> <p><strong>Binary Application Construction:</strong> Solid understanding of how applications are constructed, including compilers, linkers, dynamic loaders, ABI interaction, and executable formats (ELF, Mach-O, PE).</p> </li> <li> <p><strong>Game Engine Anti-Cheat Security:</strong> Solid understanding of Unity (IL2CPP) and Unreal Engine security architectures. Experience designing defenses against game-specific attacks: memory editors (GameGuardian), speed hacks, wallhacks, and protecting asset integrity (AssetBundles).</p> </li> <li> <p><strong>Cryptography Chain of Trust:</strong> Comprehensive experience ... (truncated, view full listing at source)