Senior GRC Analyst

About The Position

Requirements

• 4+ years of relevant professional experience in Security Governance, Risk and Compliance.
• Experience collaborating with software engineers to identify risks, map commitments to controls and develop relevant policies.
• Experience assessing alignment to policies and developing mitigation and remediation plans when gaps exist.
• Deep understanding of risk assessment, compliance frameworks, creation of policy, and how to educate organizations on these concepts.
• Understanding of security concepts and a broad range of security risks and controls.
• Experience in tech; however the need to actively code is not required for the role, just the ability to collaborate with Engineers and quickly establish credibility.

Responsibilities

• Be a key contributor to the Governance, Risk, and Compliance team within the larger Information Security Organization.
• Partner with your GRC, InfoSec and Engineering colleagues and support the design and implementation of a "risk first" governance function that is "right-sized" for Roblox.
• Find opportunities to improve efficiency and effectiveness, designing tools and automations along the way to drive security and compliance by design.
• Write, revise, and manage our information security policies, standards, and procedures.
• Identify and assess information security risks.
• You will work with Information Security and Engineering colleagues to implement appropriate controls to mitigate identified risks.
• You will validate control design and efficiency.
• You will support ongoing risk monitoring and reporting.
• Be a subject matter expert in the GRC space, providing education and mentorship to others across the Roblox organization.
• Be a part of the Roblox community, living our values and securing the metaverse.