Cyber Security Risk Analyst for Trust and Safety Global Business Operations
Employment Type: Full-Time
Roblox is ushering in the next generation of entertainment, allowing people to imagine, create, and play together in immersive, user-generated worlds. We're the one and only fastest-growing entertainment platform that lets anyone teach themselves how to code, publish, and monetize any experience imaginable-across any device-reaching millions of players across the globe.
The impact that you can have at Roblox is powerful. We're looking for someone who's eager to take on a meaningful role in the success of Roblox on a massive scale. Someone who takes play seriously, but also isn't afraid to have some fun either. Someone who's ready to take Roblox-and their career-to the next level.
In 2018, 2019, and 2020, we were honored to be recognized as a Certified Great Place to Work®. We've fostered a company culture that empowers people to do the most defining work of their career in an environment that's made up of the most passionate, team-oriented, visionary, crazy-smart people you'll ever meet. Join the Roblox team where play rules and the possibilities are endless.
As the Cyber Security Risk Analyst, you will play a critical role in driving the system of checks, balances, and fail safes that protect our platform from BPO Third Party Risk.
Working with multiple geographically and functionally diverse partners, you will implement and uphold security industry best practices.
You will perform routine audits of our off-shore business partners, providing visibility and reporting that contributes to overall Risk Strategy.
The ideal candidate has a diverse background in Information Security Audit and Compliance, can dive into the technical without losing sight of high level business goals, and works well in large, cross-functional teams where objectives may compete.
* 3-5 Years experience working in an Information Security Audit and Compliance role
* BA/BS degree in a relevant field or equivalent experience.
* Up-to-date, working knowledge, and experience with CIS Controls and common Benchmarks
* Experience with implementing compliance framework audits:
* NIST CSF
* Working knowledge of regulatory law:
* Experience with threat modeling, translating business risk to different organizational stakeholders
* Experience managing multiple, parallel objectives across several different collaborative working groups
* Self-organized, with high attention to detail
* Excellent prioritization and execution skills
* Excellent written and verbal communication skills
* Level depending on experience
Nice to Have
* Experience working with Threat Intel tools, interpreting signal and making appropriate recommendations
* Cyber Security Incident Response Experience
* SANS PICERL Model
* Experience working for gaming, social, or entertainment company
* Experience in large-scale Business-to-Consumer company
* Use industry standard frameworks to systematically and continually analyze the risk of off-shore global business operations
* Assess, map, and protect an evolving threat landscape as operations scale and grow in complexity
* Perform gap analysis, and through technical reporting, provide recommendations to satisfy controls
* Convert objective technical risks into tangible business goals
* Work with multiple third party business operations to implement and enforce a standardized security posture
* Act as liaison between our third parties and internal teams, bridging gaps to enable a defense in depth model
* Assist cross-functional teams with ISO27001, and SOX Certification
* Excellent medical, dental, and vision coverage.
* A rewarding 401k program.
* Flexible vacation policy.
* A Roblox Admin badge for your avatar.