Posted Aug 4

Roblox is hiring a
Principal Third Party Security Risk Analyst

San Mateo, CA, United States

Every day, tens of millions of people come to Roblox to explore, create, play, learn, and connect with friends in 3D immersive digital experiences– all created by our global community of developers and creators. 

At Roblox, we’re building the tools and platform that empower our community to bring any experience that they can imagine to life. Our vision is to reimagine the way people come together, from anywhere in the world, and on any device. We’re on a mission to connect a billion people with optimism and civility, and looking for amazing talent to help us get there. 

A career at Roblox means you’ll be working to shape the future of human interaction, solving unique technical challenges at scale, and helping to create safer, more civil shared experiences for everyone.

As a Principal Third-party Risk Analyst, you will be a founding member of the Roblox Third-party Risk Management team, reporting to the Manager of Third Party Risk and Oversight. You will strengthen the security posture of the company by identifying, analyzing, prioritizing, and remediating risks associated with Roblox's Third party vendor engagements.

You are expected to establish and own the Third Party Risk Control Matrix, to clearly outline and report on: general risks, control expectations - and failures, regulatory requirements, and internal requirements.

You Will:

  • Help us measure and right size risk for the globally distributed workforce that supports the Roblox platform.
  • Build the foundation for the third party risk management program, ensuring that the level of oversight is commensurate with the level of risk and complexity associated with each of our partnerships.
  • Build strong relationships with other teams while providing informed suggestions for identified control failures - working cross functionally with system owners to implement remediations.
  • Scale impact as the company grows by streamlining and automating processes that help us capture and understand risk.
  • Use industry standard frameworks to systematically and continually analyze the risk of off-shore global business operations
  • Assess, map, and protect an evolving threat landscape as operations scale and grow in complexity
  • Perform gap analysis, and through technical reporting, provide recommendations to satisfy controls
  • Convert objective technical risks into tangible business goals
  • Partner with multiple third party business operations to implement and enforce a standardized security posture
  • Act as liaison between our third parties and internal teams, bridging gaps to enable a defense in-depth model

You Have:

  • 8+ years of relevant professional experience in the Information Security Risk/Audit space.
  • BA/BS degree in a relevant field or equivalent experience.
  • Up-to-date, working knowledge, and experience with CIS Controls and common Benchmarks
  • Experience with compliance frameworks:
    • NIST CSF
    • ISO27001
    • SOX
  • Working knowledge of regulatory law:
    • GDPR
    • CCPA
    • COPPA
  • Experience being self-organized, with high attention to detail
  • Excellent prioritization and execution skills
  • Excellent written and verbal communication skills

You Are:

  • Results driven: an individual who values moving progress forward.
  • Team-oriented: a collaborative team player who enjoys working with others.
  • Passionate about security: You have significant experience in information security.



For roles that are based at our headquarters in San Mateo, CA: The starting base pay for this position is as shown below. The actual base pay is dependent upon a variety of job-related factors such as professional background, training, work experience, location, business needs and market demand. Therefore, in some circumstances, the actual salary could fall outside of this expected range. This pay range is subject to change and may be modified in the future.  All full-time employees are also eligible for equity compensation and for benefits.
Annual Salary Range
$292,610$354,990 USD

You’ll Love: 

  • Industry-leading compensation package
  • Excellent medical, dental, and vision coverage
  • A rewarding 401k program
  • Flexible vacation policy
  • Roflex - Flexible and supportive work policy 
  • Roblox Admin badge for your avatar
  • At Roblox HQ: 
    • Free catered lunches five times a week and several fully stocked kitchens with unlimited snacks
    • Onsite fitness center and fitness program credit
    • Annual CalTrain Go Pass

Roblox provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Please mention that you found the job on ARVR OK. Thanks.