Senior Security GRC Analyst
Job Summary
The GRC team is at the heart of Roblox's security organization, empowering every builder to make risk-informed decisions. This role will partner with your GRC, Infosec, and Engineering colleagues to design and implement a "risk first" governance function that is "right-sized" for Roblox.
Key Responsibilities
- Partner with your GRC, Infosec, and Engineering colleagues to support the design and implementation of a "risk first" governance function that is "right-sized" for Roblox.
- Identify opportunities to improve efficiency and effectiveness, designing tools and automations along the way to drive security and compliance by design.
- Write, revise, and manage our information security policies, standards, and procedures.
- Identify and assess information security risks. Work with Information Security and Engineering colleagues to implement appropriate controls to mitigate identified risks. Validate control design and effectiveness. Support ongoing risk monitoring and reporting.
- Be a subject matter expert in the GRC space, providing education and guidance to others across the Roblox organization.
- Be a part of the Roblox community, living our values and securing the metaverse.
Qualifications
- 4+ years of relevant professional experience in Security Governance, Risk and Compliance.
- Experience interfacing with software engineers to identify risks, map commitments to controls, and develop relevant policies.
- Experience assessing adherence to policies and developing mitigation and remediation plans when gaps exist.
- Deep understanding of risk assessment, compliance frameworks, creation of policy, and how to educate organizations on these concepts.
- Understanding of security concepts and a broad range of security risks and controls.
- Experience in tech; however, the need to actively code is not required for the role, just the ability to interface with Engineers and quickly establish credibility.
Company Information
Roblox is a company that builds the tools and platform that empower its community to bring any experience that they can imagine to life. The company aims to reimagine the way people come together, from anywhere in the world, and on any device. The role is part of the Information Security team and reports to the GRC Manager. The starting base pay for this position is as shown below. The actual base pay is dependent upon a variety of job-related factors such as professional background, training, work experience, location, business needs and market demand. Roblox provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Roblox also provides reasonable accommodations to candidates with qualifying disabilities or religious beliefs during the recruiting process. For US based roles only, please note the Company may not be able to employ candidates for this role who have United States work authorization related to certain U.S. visa categories, or support future H-1B sponsorship at this time.