Senior GRC Analyst

About Roblox

Every day, tens of millions of people come to Roblox to explore, create, play, learn, and connect with friends in 3D immersive digital experiences– all created by our global community of developers and creators.

At Roblox, we’re building the tools and platform that empower our community to bring any experience that they can imagine to life. Our vision is to reimagine the way people come together, from anywhere in the world, and on any device. We’re on a mission to connect a billion people with optimism and civility, and looking for amazing talent to help us get there.

A career at Roblox means you’ll be working to shape the future of human interaction, solving unique technical challenges at scale, and helping to create safer, more civil shared experiences for everyone.

The Role

As a member of the Roblox Security Governance, Risk, and Compliance (GRC) team, you will support the implementation of our security governance program. You will be a key part of a growing team, contributing to our industry leading qualitative/quantitative risk management program, our controls. This position is part of the Information Security team and will report to the GRC Manager.

You Will

• Be a key contributor to the Governance, Risk, and Compliance team within the larger Information Security Organization.
• Partner with your GRC, InfoSec and Engineering colleagues and support the design and implementation of a “risk first” governance function that is “right-sized” for Roblox.
• Find opportunities to improve efficiency and effectiveness, designing tools and automations along the way to drive security and compliance by design.
• Write, revise, and manage our information security policies, standards, and procedures.
• Identify and assess information security risks. You will work with Information Security and Engineering colleagues to implement appropriate controls to mitigate identified risks. You will validate control design and efficiency. You will support ongoing risk monitoring and reporting.
• Be a subject matter expert in the GRC space, providing education and mentorship to others across the Roblox organization.
• Be a part of the Roblox community, living our values and securing the metaverse.

You Have

• 4+ years of relevant professional experience in Security Governance, Risk and Compliance.
• Experience collaborating with software engineers to identify risks, map commitments to controls and develop relevant policies.
• Experience assessing alignment to policies and developing mitigation and remediation plans when gaps exist.
• Deep understanding of risk assessment, compliance frameworks, creation of policy, and how to educate organizations on these concepts.
• Understanding of security concepts and a broad range of security risks and controls.
• Experience in tech; however the need to actively code is not required for the role, just the ability to collaborate with Engineers and quickly establish credibility.

Key skills/competency

• Security Governance
• Risk Management
• Compliance Frameworks
• Information Security Policies
• Control Design & Validation
• Risk Assessment
• Security Audits
• Stakeholder Collaboration
• Mentorship
• Automation Strategy