Every day, tens of millions of people come to Roblox to explore, create, play, learn, and connect with friends in 3D immersive digital experiences– all created by our global community of developers and creators.
At Roblox, we’re building the tools and platform that empower our community to bring any experience that they can imagine to life. Our vision is to reimagine the way people come together, from anywhere in the world, and on any device.** **We’re on a mission to connect a billion people with optimism and civility, and looking for amazing talent to help us get there.
A career at Roblox means you’ll be working to shape the future of human interaction, solving unique technical challenges at scale, and helping to create safer, more civil shared experiences for everyone.
We are looking for a Privacy & Security Counsel to join our Privacy & Security Legal team. This role is focused on legal security, and you will provide insights and guidance on a range of such issues from laws and regulations to incidents and policies.
Role is based in our San Mateo, CA office on a hybrid model (Tuesday-Thursday) #LI-Hybrid
You will:
- SME on Law: Provide subject-matter expertise and guidance on the evolving global security and privacy legal landscape, including legislation, regulations, enforcement actions, and best practices, translating analysis into clear, concise, and actionable guidance to both legal and security teams.
- Incident Response Engagement: Engage with the Detection and Response and Global Security teams during incidents. Provide legal guidance throughout the incident, including during verification, triage, containment, remediation, post-mortem, table-top exercises, counseling internal stakeholders throughout the incident lifecycle, reporting to regulators, and notifying customers to meet our global obligations.
- **Security Compliance Support: **Own and deliver complex, cross-functional cybersecurity legal initiatives end-to-end (e.g., new regulatory regimes, major incident response improvements), with clear milestones, stakeholder alignment, and measurable outcomes. Continuously improve incident response policies and playbooks that meet the standards of applicable global data privacy and security laws.
- **Security Team Support: **Embed within security pods as a trusted partner and go-to legal resource for regular expertise, insights, guidance, and support to different security teams, including Application Security, GRC, Privacy Engineering, Global Security, and Infrastructure/Platform teams, developing a working understanding of Roblox’s architecture, data flows, and operational constraints.
- Cross-Functional Legal Advice: Provide subject matter expertise in privacy and security and support to cross-functional legal advocacy teams, including corporate, employment, compliance, policy, regulatory, product, privacy, and commercial.
You have:
- 5+ years of data security, data privacy, data protection and governance experience.
- Expertise in US and global data security and protection laws and regulations.
- Knowledge of security regulations and frameworks, such as GDPR, NIS2, CCPA, COPPA, CA SB 553, NIST CSF, and PCI.
- Experience working with Information Security teams, including Incident Response, Application Security and Governance.
- Experience with security incidents including, breaches, breach reporting to regulators, customer notifications.
- Experience implementing global data protection and security requirements.
- Training at a major national law firm; in-house experience a plus.
- Active membership in at least one U.S. state bar; California Bar admission preferred.
- Excellent business-oriented judgment.
- Experience operating as a senior individual contributor in a fast-paced technology company, driving complex, cross-functional programs.
- Proven track record of taking ambiguous, cross-functional projects from concept to delivery, using strong project management skills to drive accountability and hit deadlines.
- Exceptional written and verbal communication skills, including the ability to “speak the language of the business” (not the law firm) and tailor messaging to executives, engineers, and operations teams.
- Working familiarity with large-scale, modern infrastructure (e.g., cloud platforms, microservices, observability, incident management tooling) sufficient to understand how technical architectures influence legal risk and incident response.
For roles that are based at our headquarters in San Mateo, CA: The starting base pay for this position is as shown below. The actual base pay is dependent upon a variety of job-related factors such as professional background, training, work experience, location, business needs and market demand. Therefore, in some circumstances, the actual salary could fall outside of this expected range. This pay range is subject to change and may be modified in the future. All full-time employees are also eligible for equity compensation and for benefits as described on this page.
Annual Salary Range
$211,760—$252,210 USD
Roles that are based in an office are onsite Tuesday, Wednesday, and Thursday, with optional presence on Monday and Friday (unless otherwise noted).
Roblox provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Roblox also provides reasonable accommodations to candidates with qualifying disabilities or religious beliefs during the recruiting process.
For US based roles only, please note the Company may not be able to employ candidates for this role who have United States work authorization related to certain U.S. visa categories, or support future H-1B sponsorship at this time.