ROBLOX Corporation

Senior Security GRC Analyst

ROBLOX Corporation$224K — $271K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 4+ years of professional experience in Security Governance, Risk and Compliance
  • Experience working with software engineers on risk identification and controls mapping
  • Proven track record in assessing policy adherence and developing remediation plans
  • In-depth understanding of risk assessment and compliance frameworks
  • Ability to educate teams on security concepts and governance frameworks
  • Familiarity with a broad range of security risks and controls; coding not required but ability to interface effectively with engineers is vital.

Responsibilities

  • Contribute to the Governance, Risk, and Compliance team within the Information Security Organization.
  • Collaborate with GRC, InfoSec, and Engineering teams to design a tailored governance function.
  • Identify and enact efficiencies, designing tools to integrate security into compliance processes.
  • Write, revise, and manage information security policies, standards, and procedures.
  • Assess security risks and collaborate on implementing effective controls and monitoring practices.
  • Serve as a subject matter expert in GRC, providing education to peers in the organization.
  • Engage with the Roblox community, promoting security values throughout the metaverse.

Benefits

  • Equity compensation eligibility
  • Comprehensive benefits package
  • Flexible in-office presence schedule
  • Opportunity to shape GRC operations and drive innovation
  • Collaborative and high-performing team culture.
Full Job Description
As a member of the Roblox Security Governance, Risk, and Compliance (GRC) team, you will play a key role in supporting the Security team's mission. The GRC team is at the heart of Roblox's security organization - empowering every builder to make risk-informed decisions by establishing a portfolio of governing policies and standards, a repeatable and scalable method of assessing and quantifying risk, and a formal oversight process for GRC capabilities across Roblox.

Our program takes a balanced, "right-sized" approach to security governance - combining qualitative and quantitative risk management methodologies, including Factor Analysis of Information Risk (FAIR), to assess and prioritize the security risks that matter most to Roblox. GRC partners closely with Engineering, Legal, Finance, and leadership - including providing regular reporting to the Board of Directors and the Audit & Compliance Committee - to ensure that security risk is visible, well-understood, and actioned appropriately.

The team is in an exciting phase of growth and innovation. We are using engineering to drive automation across risk management, policy lifecycle management, supply chain risk, AI risk, and controls programs. You will have the opportunity to shape how GRC operates at scale and contribute to a collaborative, high-performing team culture that supports Roblox and the broader security organization.

This position is part of the Information Security team. This role will report to the GRC Manager.

You will:
  • Be a key contributor to the Governance, Risk, and Compliance team within the larger Information Security Organization.
  • Partner with your GRC, Infosec and Engineering colleagues and support the design and implementation of a "risk first" governance function that is "right-sized" for Roblox.
  • Identify opportunities to improve efficiency and effectiveness, designing tools and automations along the way to drive security and compliance by design.
  • Write, revise, and manage our information security policies, standards, and procedures.
  • Identify and assess information security risks. You will work with Information Security and Engineering colleagues to implement appropriate controls to mitigate identified risks. You will validate control design and effectiveness. You will support ongoing risk monitoring and reporting.
  • Be a subject matter expert in the GRC space, providing education and guidance to others across the Roblox organization.
  • Be a part of the Roblox community, living our values and securing the metaverse.

You have:
  • 4+ years of relevant professional experience in Security Governance, Risk and Compliance.
  • Experience interfacing with software engineers to identify risks, map commitments to controls and develop relevant policies.
  • Experience assessing adherence to policies and developing mitigation and remediation plans when gaps exist.
  • Deep understanding of risk assessment, compliance frameworks, creation of policy, and how to educate organizations on these concepts.
  • Understanding of security concepts and a broad range of security risks and controls.
  • Experience in tech; however the need to actively code is not required for the role, just the ability to interface with Engineers and quickly establish credibility.


For roles that are based at our headquarters in San Mateo, CA: The starting base pay for this position is as shown below. The actual base pay is dependent upon a variety of job-related factors such as professional background, training, work experience, location, business needs and market demand. Therefore, in some circumstances, the actual salary could fall outside of this expected range. This pay range is subject to change and may be modified in the future. All full-time employees are also eligible for equity compensation and for benefits as described on this page.

Annual Salary Range

$224,310-$271,710 USD

Roles that are based in an office are onsite Tuesday, Wednesday, and Thursday, with optional presence on Monday and Friday (unless otherwise noted).

About ROBLOX Corporation

Roblox Corporation is a video game company that operates a massively multiplayer online game platform. The platform allows users to create and play games in a virtual world, with a focus on user-generated content. Roblox was founded in 2004 and is headquartered in San Mateo, California. The company has grown rapidly in recent years, and now has over 100 million monthly active users. In 2021, Roblox went public through a direct listing on the New York Stock Exchange.
Learn more about ROBLOX Corporation
Size
960 employees
Market Cap
$15.6 billion
Industry
Net Income
-$242.8 million
Founded
2004
Revenue
$727 million
NASDAQ

Similar Jobs

More Jobs at ROBLOX Corporation

More Information Technology Jobs

Find similar Senior Security GRC Analyst jobs: