ROBLOX Corporation

Principal Security Software Engineer, Enterprise IAM

ROBLOX Corporation$385K — $443K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Deep understanding of identity and authentication protocols like OAuth 2.0 and SCIM.
  • Experience with policy-as-code frameworks such as OPA/Rego or Cedar.
  • Proficiency in a backend programming language (Python, Go, Rust).
  • Strong knowledge of security-relevant system design principles.
  • Experience with threat modeling for authentication systems and zero trust architecture.
  • 10+ years of experience in software engineering and security.

Responsibilities

  • Design and implement identity and access systems across Roblox's IAM ecosystem.
  • Develop tools and services for security automation and policy enforcement.
  • Embed security controls into enterprise systems and developer workflows.
  • Evaluate and enhance commercial IAM and security platforms.
  • Build custom integrations and automation layers to scale security solutions.

Benefits

  • Eligible for equity compensation.
  • Health, dental, and vision insurance.
  • Flexible work schedule with hybrid options.
  • Comprehensive employee assistance programs.
  • Generous paid time off and wellness programs.
Full Job Description
As a Principal Security Software Engineer in the Enterprise Security team, you will advance Roblox's Enterprise Security strategy by building the systems and integrations that protect Roblox's corporate infrastructure. Where traditional security engineers evaluate and deploy vendor solutions, you will design and build production-grade security software - Identity and Access governance, policy enforcement engines, and security integrations that scale with Roblox's business. You'll partner with security professionals across InfoSec and work cross-functionally with Corporate Engineering, DevOps, and Product teams to drive security initiatives. You will: • Build identity and access systems: Design, implement, and own integrations across Roblox's IAM ecosystem, including SSO federation, SCIM provisioning/deprovisioning pipelines, OAuth 2.0 authorization servers, and token lifecycle management. • Lead security automation: Develop production-quality tools and services that enforce security policies at scale, replace manual workflows, and surface actionable signals • Drive secure-by-design implementations: Partner with Corporate Engineering, DevOps, and product teams to embed security controls into enterprise systems and developer workflows. • Evaluate and extend vendor platforms: Assess commercial IAM and security tooling, then build the custom integrations, connectors, and automation layers that make them work at Roblox's scale. You have: • Deep understanding of Human and Machine Identity and Authentication protocols like OAuth 2.0, SCIM 2.0, SAML 2.0, Transaction tokens, FIDO2/WebAuthn and Passkeys, SPIFFE/SPIRE • Experience with one or more policy-as-code or authorization frameworks (OPA/Rego, Cedar, Zanzibar/ReBAC) • Proficiency in at least one systems or backend language: Python, Go, Rust • Proficiency with security-relevant system design: session management, audit logging, rate limiting, secret storage • Experience in Threat modeling for authentication and authorization systems • Understanding of Zero trust architecture and least-privilege access patterns • 10+ years of relevant professional experience combining SWE and security You are: • Engineer First: You approach problems with code and systems thinking, building reliable security platforms that engineering teams can depend on • Protocol Fluent: You have hands-on experience implementing identity standards and can navigate RFC-level details to debug complex authentication and authorization issues. • Collaborative: You love working with your direct team and cross-functional partners across engineering, DevOps, and business teams to deliver security outcomes without slowing them down. • Strategic Thinker: You define clear technical requirements and assess commercial solutions to inform build vs. buy decisions, balancing security rigor with engineering pragmatism. • Comfortable with Ambiguity: You gather data, navigate complex situations, and make sound technical decisions even when facing incomplete information or unclear requirements. For roles that are based at our headquarters in San Mateo, CA: The starting base pay for this position is as shown below. The actual base pay is dependent upon a variety of job-related factors such as professional background, training, work experience, location, business needs and market demand. Therefore, in some circumstances, the actual salary could fall outside of this expected range. This pay range is subject to change and may be modified in the future. All full-time employees are also eligible for equity compensation and for benefits as described on this page. Annual Salary Range $385,050-$443,200 USD Roles that are based in an office are onsite Tuesday, Wednesday, and Thursday, with optional presence on Monday and Friday (unless otherwise noted).

About ROBLOX Corporation

Roblox Corporation is a video game company that operates a massively multiplayer online game platform. The platform allows users to create and play games in a virtual world, with a focus on user-generated content. Roblox was founded in 2004 and is headquartered in San Mateo, California. The company has grown rapidly in recent years, and now has over 100 million monthly active users. In 2021, Roblox went public through a direct listing on the New York Stock Exchange.
Learn more about ROBLOX Corporation
Size
960 employees
Market Cap
$15.6 billion
Industry
Net Income
-$242.8 million
Founded
2004
Revenue
$727 million
NASDAQ

Similar Jobs

More Jobs at ROBLOX Corporation

More Information Technology Jobs

Find similar Principal Security Software Engineer, Enterprise IAM jobs: