Principal Enterprise Security Engineer

About Roblox

Every day, tens of millions of people come to Roblox to explore, create, play, learn, and connect with friends in 3D immersive digital experiences– all created by our global community of developers and creators. At Roblox, we’re building the tools and platform that empower our community to bring any experience that they can imagine to life. Our vision is to reimagine the way people come together, from anywhere in the world, and on any device. We’re on a mission to connect a billion people with optimism and civility, and looking for amazing talent to help us get there. A career at Roblox means you’ll be working to shape the future of human interaction, solving unique technical challenges at scale, and helping to create safer, more civil shared experiences for everyone.

The Opportunity

As a Principal Enterprise Security Engineer, you will advance Roblox’s Enterprise Security strategy by shaping and evolving security architecture in alignment with business objectives. You will lead the design, deployment, and governance of security solutions that safeguard Roblox’s corporate infrastructure while enabling scalable, secure operations. Partnering cross-functionally with Corporate Engineering and Trust & Safety, you will translate organizational priorities into resilient security capabilities that balance risk, compliance, and productivity.

You will join the Platform, Enterprise, and Application Security group, reporting directly to the Senior Manager of Enterprise Security Engineering. You'll partner with security professionals across the InfoSec team, and work cross-functionally with teams throughout Roblox to drive security initiatives that scale with our business.

You Will

• Define and maintain enterprise-wide security standards and principles that guide how security is implemented across business workflows, ensuring consistency, scalability, and alignment with organizational risk posture.
• Drive strategic initiatives across core security domains, including endpoint protection, SaaS posture, IAM, identity governance, and third-party risk, to improve Roblox’s overall security maturity.
• Collaborate closely with IT, engineering, DevOps, and business stakeholders to integrate security tools, policies, and processes into enterprise systems and workflows, enabling secure-by-design implementations.
• Mentor engineers and stakeholders, serving as a trusted advisor on security architecture, control design, and secure implementation patterns.

You Have

• 9+ years of relevant professional experience.
• Deep expertise in Identity and Access Management, Authentication & Authorization, Endpoint management, Network Security controls and SaaS security posture management.
• Strong understanding of security concepts including zero trust architecture, threat modeling, security frameworks (SOC 2, ISO 27001), and best practices in corporate security environments.
• Demonstrated ability to design and operationalize security policies, principles, and controls across diverse teams and systems.
• Experience with modern Enterprise infrastructure and SaaS ecosystems, including Google Workspace, Okta, MDM solutions, SSPM, ZTA and cloud-native environments.
• Experience writing and maintaining scripts in at least one language such as SQL or Python.

You Are

• Collaborative: You love working with your direct team and cross-functional partners.
• Strategic thinker: You define clear business requirements and assess commercial solutions to inform build vs. buy decisions.
• Comfortable with ambiguity: You gather data and navigate complex situations even when facing incomplete information or unclear requirements.

Key Skills/Competency

• Enterprise Security Architecture
• Identity and Access Management (IAM)
• Endpoint Protection
• SaaS Security Posture Management (SSPM)
• Zero Trust Architecture (ZTA)
• Security Frameworks (SOC 2, ISO 27001)
• Threat Modeling
• Security Policy Design
• Corporate Infrastructure Security
• Cloud-Native Environments