AppSec Jobs
← Back to all jobs

Roblox

Senior Security Software Engineer, Vulnerability Management

San Mateo, CAWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About Roblox

Roblox Corporation is a technology company based in San Mateo, California, founded in 2004 by David Baszucki and Erik Cassel. It operates an immersive online platform that allows users to create, play, learn, and connect through community-generated 3D experiences. The platform is particularly popular among users under 18, with a focus on community engagement and user-generated content. Roblox's core offerings include a multiplayer environment with over 22 million user-generated games, a free desktop tool called Roblox Studio for building experiences, and advanced avatar and AI tools. The company supports a vibrant developer ecosystem, enabling creators to monetize their work through the Developer Exchange program. Roblox emphasizes safety and innovation in its communication features and has partnerships that extend its reach beyond digital experiences, such as toy lines with Jazwares. With a commitment to connecting billions of users, Roblox continues to enhance its platform and foster creativity among its global community.

Industry

information technology & services

Employees

2,500

2540 engineers

Revenue

$4.9B

Website

Visit →

Security at Roblox

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

Roblox's philosophy is centered on 'Trust-by-Design' and 'Security is Built into Everything We Do.' The AppSec team prioritizes early partnership with engineering teams in the development lifecycle to drive secure-by-default practices rather than acting as a late-stage gatekeeper.

Security Team

  • Roblox's Application Security team is part of the broader Platform, Enterprise, and Application Security group.
  • The team reports through a Manager of Application Security to a Senior Manager of Enterprise Security Engineering, ultimately rolling up to the Chief Information Security Officer.
  • Key leadership includes Nicole Grinstead as CISO and Jovon Itwaru as a Principal Application Security Engineer.

Key Initiatives

  • Current initiatives include the automation of vulnerability triage, prioritization, and remediation workflows at scale.
  • The team is also focused on integrating security into CI/CD pipelines and expanding security coverage to include SaaS security, Identity & Access Management (IAM), and autonomous agentic workflows.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.