Principal Technical Program Manager, Detection & Response

Every day, tens of millions of people come to Roblox to explore, create, play, learn, and connect with friends in 3D immersive digital experiences– all created by our global community of developers and creators. At Roblox, we’re building the tools and platform that empower our community to bring any experience that they can imagine to life. Our vision is to reimagine the way people come together, from anywhere in the world, and on any device. We’re on a mission to connect a billion people with optimism and civility, and looking for amazing talent to help us get there. A career at Roblox means you’ll be working to shape the future of human interaction, solving unique technical challenges at scale, and helping to create safer, more civil shared experiences for everyone. As a Technical Program Manager on the Detection and Response Team (DART), you will lead efforts to enhance security resilience and regulatory compliance, particularly NIS2. You will design, implement, and govern our incident response model, translating requirements into executable processes and scalable systems with partners like Security Engineering, Legal, and GRC. This role involves orchestrating high-impact programs, ensuring consistent classification, escalation, and reporting for live events. You will build durable playbooks, metrics, and tooling to continuously improve detection, response, and documentation. You will drive alignment, enable confident decision-making, and elevate how the organization operationalizes risk for secure, resilient operations. You will: Own and operationalize large-scale security programs, including GDPR, NIS2 regulatory readiness and incident response governance. Translate complex regulatory requirements into executable workflows, tooling, and measurable controls. Operate calmly and decisively during high-pressure security incidents. Driving clarity during live incidents ensuring classification, escalation, and regulatory decisions are aligned and documented. Build durable systems that improve response speed, audit readiness, and executive visibility. Facilitate high-stakes cross-functional conversations where risk ownership, accountability, and tradeoffs must be clearly defined. You Have: 8+ years of experience leading complex technical programs within security, incident response, or regulatory domains. Deep familiarity with the incident response lifecycle and security event classification. Experience navigating breach notification requirements (e.g., NIS2, GDPR, or similar frameworks). Demonstrated ability to translate regulatory language into technical execution plans. Experience partnering closely with Legal and Privacy during real incidents. Comfort operating in ambiguity and driving alignment without formal authority. A bias for action combined with strong risk judgment. The ability to build trust with engineers and executives alike For roles that are based at our headquarters in San Mateo, CA: The starting base pay for this position is as shown below. The actual base pay is dependent upon a variety of job-related factors such as professional background, training, work experience, location, business needs and market demand. Therefore, in some circumstances, the actual salary could fall outside of this expected range. This pay range is subject to change and may be modified in the future. All full-time employees are also eligible for equity compensation and for benefits as described on this page . Annual Salary Range $277,350 $330,330 USD Roles that are based in an office are onsite Tuesday, Wednesday, and Thursday, with optional presence on Monday and Friday (unless otherwise noted). Roblox provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or express ... (truncated, view full listing at source)