Principal Security Software Engineer, Enterprise Security

Every day, tens of millions of people come to Roblox to explore, create, play, learn, and connect with friends in 3D immersive digital experiences– all created by our global community of developers and creators.  At Roblox, we’re building the tools and platform that empower our community to bring any experience that they can imagine to life. Our vision is to reimagine the way people come together, from anywhere in the world, and on any device. We’re on a mission to connect a billion people with optimism and civility, and looking for amazing talent to help us get there.  A career at Roblox means you’ll be working to shape the future of human interaction, solving unique technical challenges at scale, and helping to create safer, more civil shared experiences for everyone.As a Principal Security Software Engineer in the Enterprise Security team, you will advance Roblox's Enterprise Security strategy by building the systems and integrations that protect Roblox's corporate infrastructure. Where traditional security engineers evaluate and deploy vendor solutions, you will design and build production-grade security software - Identity and Access governance, policy enforcement engines, and security integrations that scale with Roblox's business. You'll partner with security professionals across InfoSec and work cross-functionally with Corporate Engineering, DevOps, and Product teams to drive security initiatives. You will: Build identity and access systems: Design, implement, and own integrations across Roblox's IAM ecosystem, including SSO federation, SCIM provisioning/deprovisioning pipelines, OAuth 2.0 authorization servers, and token lifecycle management. Lead security automation: Develop production-quality tools and services that enforce security policies at scale, replace manual workflows, and surface actionable signals Drive secure-by-design implementations: Partner with Corporate Engineering, DevOps, and product teams to embed security controls into enterprise systems and developer workflows. Evaluate and extend vendor platforms: Assess commercial IAM and security tooling, then build the custom integrations, connectors, and automation layers that make them work at Roblox's scale. You have: Deep understanding of Human and Machine Identity and Authentication protocols like OAuth 2.0, SCIM 2.0, SAML 2.0, Transaction tokens, FIDO2/WebAuthn and Passkeys, SPIFFE/SPIRE Experience with one or more policy-as-code or authorization frameworks (OPA/Rego, Cedar, Zanzibar/ReBAC) Proficiency in at least one systems or backend language: Python, Go, Rust  Proficiency with security-relevant system design: session management, audit logging, rate limiting, secret storage Experience in Threat modeling for authentication and authorization systems Understanding of Zero trust architecture and least-privilege access patterns 10+ years of relevant professional experience combining SWE and security You are: Engineer First: You approach problems with code and systems thinking, building reliable security platforms that engineering teams can depend on Protocol Fluent: You have hands-on experience implementing identity standards and can navigate RFC-level details to debug complex authentication and authorization issues. Collaborative: You love working with your direct team and cross-functional partners across engineering, DevOps, and business teams to deliver security outcomes without slowing them down. Strategic Thinker: You define clear technical requirements and assess commercial solutions to inform build vs. buy decisions, balancing security rigor with engineering pragmatism. Comfortable with Ambiguity: You gather data, navigate complex situations, and make sound technical decisions even when facing incomplete information or unclear requirements. For roles that are based at our headquarters in San Mateo, CA: The starting base pay for this position is as shown below. The actual base pay is dependent upon a variety of job-related factors such as professional background, training, work experience, location, business needs and market demand. Therefore, in some circumstances, the actual salary could fall outside of this expected range. This pay range is subject to change and may be modified in the future. All full-time employees are also eligible for equity compensation and for benefits as described on this page.Annual Salary Range$385,050—$443,200 USDRoles that are based in an office are onsite Tuesday, Wednesday, and Thursday, with optional presence on Monday and Friday (unless otherwise noted). Roblox provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Roblox also provides reasonable accommodations to candidates with qualifying disabilities or religious beliefs during the recruiting process. For US based roles only, please note the Company may not be able to employ candidates for this role who have United States work authorization related to certain U.S. visa categories, or support future H-1B sponsorship at this time.