Principal Security Software Engineer, Enterprise Security

Roblox•San Mateo, CA

7h•$385,050 - $443,200•Onsite

About The Position

Every day, tens of millions of people come to Roblox to explore, create, play, learn, and connect with friends in 3D immersive digital experiences– all created by our global community of developers and creators. At Roblox, we’re building the tools and platform that empower our community to bring any experience that they can imagine to life. Our vision is to reimagine the way people come together, from anywhere in the world, and on any device. We’re on a mission to connect a billion people with optimism and civility, and looking for amazing talent to help us get there. A career at Roblox means you’ll be working to shape the future of human interaction, solving unique technical challenges at scale, and helping to create safer, more civil shared experiences for everyone. As a Principal Security Software Engineer in the Enterprise Security team, you will advance Roblox's Enterprise Security strategy by building the systems and integrations that protect Roblox's corporate infrastructure. Where traditional security engineers evaluate and deploy vendor solutions, you will design and build production-grade security software - Identity and Access governance, policy enforcement engines, and security integrations that scale with Roblox's business. You'll partner with security professionals across InfoSec and work cross-functionally with Corporate Engineering, DevOps, and Product teams to drive security initiatives.

Requirements

Deep understanding of Human and Machine Identity and Authentication protocols like OAuth 2.0, SCIM 2.0, SAML 2.0, Transaction tokens, FIDO2/WebAuthn and Passkeys, SPIFFE/SPIRE
Experience with one or more policy-as-code or authorization frameworks (OPA/Rego, Cedar, Zanzibar/ReBAC)
Proficiency in at least one systems or backend language: Python, Go, Rust
Proficiency with security-relevant system design: session management, audit logging, rate limiting, secret storage
Experience in Threat modeling for authentication and authorization systems
Understanding of Zero trust architecture and least-privilege access patterns
10+ years of relevant professional experience combining SWE and security

Nice To Haves

Engineer First: You approach problems with code and systems thinking, building reliable security platforms that engineering teams can depend on
Protocol Fluent: You have hands-on experience implementing identity standards and can navigate RFC-level details to debug complex authentication and authorization issues.
Collaborative: You love working with your direct team and cross-functional partners across engineering, DevOps, and business teams to deliver security outcomes without slowing them down.
Strategic Thinker: You define clear technical requirements and assess commercial solutions to inform build vs. buy decisions, balancing security rigor with engineering pragmatism.
Comfortable with Ambiguity: You gather data, navigate complex situations, and make sound technical decisions even when facing incomplete information or unclear requirements.

Responsibilities

Build identity and access systems: Design, implement, and own integrations across Roblox's IAM ecosystem, including SSO federation, SCIM provisioning/deprovisioning pipelines, OAuth 2.0 authorization servers, and token lifecycle management.
Lead security automation: Develop production-quality tools and services that enforce security policies at scale, replace manual workflows, and surface actionable signals
Drive secure-by-design implementations: Partner with Corporate Engineering, DevOps, and product teams to embed security controls into enterprise systems and developer workflows.
Evaluate and extend vendor platforms: Assess commercial IAM and security tooling, then build the custom integrations, connectors, and automation layers that make them work at Roblox's scale.