BPO Vendor Compliance Partner Customer Support

At Roblox we are seeking a detail-oriented BPO Vendor Compliance Partner to ensure the integrity and security of our outsourced operations. The BPO Vendor Compliance Partner is critical for maintaining the operational integrity and security of outsourced Moderation services. This role is responsible for establishing and executing a comprehensive compliance governance framework ensuring all Business Process Outsourcing (BPO) vendors strictly adhere to contractual Service Level Agreements (SLAs) regulatory requirements (e.g. data privacy) and internal security policies. This Partner will continuously monitor vendor performance lead adversarial testing and drive risk mitigation efforts through rigorous auditing and enforcement actions.

Reporting to the Senior Manager Vendor Operations and Compliance you will conduct continuous monitoring and regular audits serving as a primary point of contact for compliance matters between our internal teams and external BPO partners. You will be instrumental in maintaining the compliance posture of our global vendor ecosystem.

You Will:

Compliance Governance and Auditing

• Conduct Regular Compliance Audits: Lead scheduled and ad-hoc audits of BPO vendor operations specifically within the Content Moderation vertical to assess compliance with contracts operational procedures and mandated controls.
• Performance Monitoring and Reporting: Review validate and approve vendor submitted compliance reports and evidentiary documentation.
• Maintain comprehensive auditable records to support internal reviews and external regulatory inquiries.
• SLA and Quality Assurance: Collaborate closely with Vendor Managers to monitor the effectiveness of first-level quality audits performed by BPO partners ensuring high-quality standards and training efficacy for elevated actions in Mod workflows.
• Issue Remediation & Enforcement: Identify document and meticulously track all compliance gaps control deficiencies or contractual breaches.
• Define and oversee the execution of comprehensive Corrective Action Plans (CAPs) with vendors to ensure timely and effective resolution.

Security Risk and Adversarial Testing

• Regulatory Alignment: Partner with the Information Security (Infosec) and Legal teams to track evolving global regulatory landscapes (e.g. GDPR CCPA industry-specific rules).
• Coordinate the necessary updates to BPO vendor controls and policies maintain continuous adherence.
• Adversarial Activity: Design execute and analyze results from adversarial activities including BPO-specific phishing campaigns and social engineering tests to proactively test the effectiveness of system controls processes and workforce resilience.
• Risk Framework Implementation: Drive the implementation of tools and infrastructure to automate compliance monitoring risk scoring and evidence collection across the BPO environment enhancing efficiency and scalability.
• Enforcement Actions: Initiate and manage the formal process for issuing monetary consequences fines or other penalties against BPO vendors resulting from confirmed cyber security or severe contractual violations.

Operational Resilience and Strategic Collaborations

• Business Continuity Planning (BCP): Develop and maintain a holistic Business Continuity and Disaster Recovery (BC/DR) plan for the entire BPO network.
• Ensure vendors possess and demonstrate sufficient individual operational resilience capabilities and that the consolidated plan addresses loss scenarios for any given partner.
• Cross-Functional Alignment: Collaborate with Legal Risk Management and Procurement teams during vendor selection and contract renewal processes to define embed and standardize compliance security and risk standards into all new and existing BPO contracts.
• Process Documentation: Become intimately familiar with the end-to-end workflow processes and documentation within the designated vertical (Moderation) to provide expert guidance on control placement and policy effectiveness.

You Have:

• 5 years of experience in compliance auditing or vendor management within a BPO environment. Experience with Customer Support is a plus.
• Working knowledge of key regulatory frameworks including data privacy and PII handling standards.
• Proven ability to execute objective audits and develop effective measurable action plans.
• Excellent organizational skills and attention to detail necessary for comprehensive record-keeping.
• Strong communication skills for coordinating effectively with both internal teams and external vendor partners.