InfoSec Audit & Risk Lead
Roblox is ushering in the next generation of entertainment, allowing people to imagine, create, and play together in immersive, user-generated worlds. We’re the one and only fastest-growing entertainment platform that lets anyone teach themselves how to code, publish, and monetize any experience imaginable—across any device—reaching millions of players across the globe.
The impact that you can have at Roblox is powerful. We’re looking for someone who’s eager to take on a meaningful role in the success of Roblox on a massive scale. Someone who takes play seriously, but also isn’t afraid to have some fun either. Someone who’s ready to take Roblox—and their career—to the next level.
In 2018 and 2019, we were honored to be recognized as a Certified Great Place to Work®. We’ve fostered a company culture that empowers people to do the most defining work of their career in an environment that’s made up of the most passionate, team-oriented, visionary, crazy-smart people you’ll ever meet. Join the Roblox team where play rules and the possibilities are endless.
InfoSec has critical responsibilities at Roblox: Setting policies and process; engineering and designing secure systems from inception to operationalization; training peer engineering teams in secure methods and ways. The Audit and Risk Lead is a critical and exciting role for a company that is at the next stage of its evolution. We have critical needs for formalizing and maturing our security controls for a larger audience, for which you would be setting the cornerstone. Proficiency with ISO27001 standard, and working knowledge of CIS and PCI standards essential. Experience and ease in interacting with auditors as well as technical teams also required.
As an early InfoSec lead, you will have the opportunity to be an innovator and foundational member on the InfoSec team at Roblox. We are looking for smart people who work well with others and who want to apply their passion for protecting communities to grow a leading-edge security program. Come join us in building the best trusted all-ages gaming and exchange platform.
- Lead compliance efforts in ISO27001 standards attainment and maintenance
- Ability to apply common controls framework for efficient planning of compliance strategy
- Documentation of controls and requirements
- Work with technical teams to achieve compliant solutions with sound engineering principles
- Liaison with partner auditing firms to plan, schedule interviews and artifact submission, and drive results to efficient closure
- Demonstrate integrity by example and pragmatic approach
- Security Education and Training - preparation of materials and communication through diverse parts of the org. Contribution to security awareness programming.
- Auditing or compliance certification
- 5+ years of experience with a Big 4 auditing firm or QSA or equivalent type of organization
- BA/BS degree in a relevant field or equivalent practical experience
- Self-organized and comfortable working in a fast-paced environment
- Level depending on experience
Nice To Have
- SOX compliance experience
- Technical knowledge or experience in security, systems or network administration, or software development
- Experience working for game or entertainment company
- Experience in large-scale Business-to-Consumer company
- Excellent medical, dental, and vision coverage
- A rewarding 401k program
- Flexible vacation policy
- Free catered lunches five times a week and several fully stocked kitchens with unlimited snacks
- Onsite fitness center and fitness program credit
- Annual CalTrain Go Pass
- A Roblox Admin badge for your avatar
Roblox – Powering Imagination.