Senior Compliance Program Manager, Audit Response

About The Position

Requirements

• Experience: 7+ years of experience in Program Management, Compliance, Risk Management, or External Audit, preferably within the Technology sectors.
• Regulatory Fluency: Demonstrated capability to become fluent in relevant regulatory frameworks, especially those focused on online safety.
• Audit Management Skills: Proven ability to manage complex third-party audits (e.g., SOC2, ISO, Regulatory Audits) from scoping to final report. You understand audit terminology (controls, sampling, evidence) and can explain it to non-compliance audiences.
• Legal Acumen: Experience working closely with Legal Counsel. You understand the concepts of privilege, risk exposure, and the importance of precise wording in regulatory submissions.
• Cross-Functional Leadership: The ability to influence stakeholders without direct authority. You can motivate Engineering and Product SMEs to prioritize compliance tasks alongside their roadmap work.
• Structured Organization: Exceptional project management skills with the ability to track hundreds of moving parts simultaneously using tools like Jira, Asana, Airtable or GRC platforms.
• Communication Skills: You are an excellent writer and verbal communicator who can synthesize complex technical and legal concepts for diverse audiences.

Responsibilities

• Lead Compliance Audit Execution: Orchestrate the end-to-end lifecycle of internal and external audit requirements, ensuring strict adherence to timelines and scope.
• Act as the Primary Coordinator: Serve as the central coordinating function for audit activities. You will translate auditor requests into actionable tasks for Engineering, Product, and Safety teams, and conversely, translate internal information into audit evidence.
• Manage Legal Sign-Off Workflows: Design and enforce a rigorous chain-of-custody process for all audit evidence. You will ensure that no document, data point, or response is submitted to external auditors without explicit review and approval from designated Legal SMEs.
• Drive Readiness & Mock Audits: Help Roblox improve its audit readiness through "mock audit" exercises to identify risks and ensure internal teams are prepared for rigorous audit requirements.
• Coordinate Evidence Gathering: Manage the collection, organization, and repository of thousands of evidence artifacts. You will challenge the quality of evidence provided by SMEs to ensure it fully answers the audit test steps before it reaches Legal review.
• Track Remediation: If audit findings requiring remediation arise, you will partner with cross-functional teams to track audit remediations through to completion.
• Develop Metrics: Identify and develop audit program metrics that will monitor program health, inform program goals, and be leveraged to monitor and report out on audit program status.
• Report to Leadership: Provide regular status updates, risk flags, and executive summaries to senior leadership regarding audit findings and the health of the audit program.