BPO Vendor Compliance Partner - Moderation San Mateo, CA, Safety & Support

San Mateo, CA, United States Safety & Support

Every day, tens of millions of people come to Roblox to explore, create, play, learn, and connect with friends in 3D immersive digital experiences– all created by our global community of developers and creators.

At Roblox, we’re building the tools and platform that empower our community to bring any experience that they can imagine to life. Our vision is to reimagine the way people come together, from anywhere in the world, and on any device. We’re on a mission to connect a billion people with optimism and civility, and looking for amazing talent to help us get there.

A career at Roblox means you’ll be working to shape the future of human interaction, solving unique technical challenges at scale, and helping to create safer, more civil shared experiences for everyone.

At Roblox, we are seeking a detail-oriented BPO Vendor Compliance Partner to ensure the integrity and security of our outsourced operations. The BPO Vendor Compliance Partner is critical for maintaining the operational integrity and security of outsourced Customer Support and Moderation services. This role is responsible for establishing and executing a comprehensive compliance governance framework, ensuring all Business Process Outsourcing (BPO) vendors strictly adhere to contractual Service Level Agreements (SLAs), regulatory requirements (e.g., data privacy), and internal security policies.

This Partner will continuously monitor vendor performance, lead adversarial testing, and drive risk mitigation efforts through rigorous auditing and enforcement actions.

Reporting to the Senior Manager, Vendor Operations and Compliance, you will conduct continuous monitoring and regular audits, serving as a primary point of contact for compliance matters between our internal teams and external BPO partners. You will be instrumental in maintaining the compliance posture of our global vendor ecosystem.

Compliance Governance and Auditing

• Conduct Regular Compliance Audits: Lead scheduled and ad‑hoc audits of BPO vendor operations, specifically within EITHER the Customer Support or Content Moderation verticals, to assess compliance with contracts, operational procedures, and mandated controls.
• Performance Monitoring and Reporting: Review, validate, and approve vendor submitted compliance reports and evidentiary documentation.
• Maintain comprehensive, auditable, records to support internal reviews and external regulatory inquiries.
• SLA and Quality Assurance: Collaborate closely with Vendor Managers to monitor the effectiveness of first‑level quality audits performed by BPO partners, ensuring high‑quality standards and training efficacy for elevated actions in CS/Mod workflows.
• Issue Remediation & Enforcement: Identify, document, and meticulously track all compliance gaps, control deficiencies, or contractual breaches.
• Define and oversee the execution of comprehensive Corrective Action Plans (CAPs) with vendors to ensure timely and effective resolution.

Security, Risk, and Adversarial Testing

• Regulatory Alignment: Partner with the Information Security (Infosec) and Legal teams to track evolving global regulatory landscapes (e.g., GDPR, CCPA, industry‑specific rules).
• Coordinate the necessary updates to BPO vendor controls and policies maintain continuous adherence.
• Adversarial Activity: Design, execute, and analyze results from adversarial activities, including BPO‑specific phishing campaigns and social engineering tests, to proactively test the effectiveness of system controls, processes, and workforce resilience.
• Risk Framework Implementation: Drive the implementation of tools and infrastructure to automate compliance monitoring, risk scoring, and evidence collection across the BPO environment, enhancing efficiency and scalability.
• Enforcement Actions: Initiate and manage the formal process for issuing monetary consequences, fines, or other penalties against BPO vendors resulting from confirmed cyber security or severe contractual violations.

Operational Resilience and Strategic Collaborations

• Business Continuity Planning (BCP): Develop and maintain a holistic Business Continuity and Disaster Recovery…