Governance, Risk, & Compliance Program Manager

Role Description

As a

Compliance Program

Manager on the

Governance,

Risk

,

& Compliance team, you will play a crucial role

in

building

Compliance across our product set

.

Protecting Dropbox and our users is

critical

to being worthy of trust. As a Compliance

Program

Manager

at Dropbox, you will join a

growing

team to design, implement, and coordinate programs to promote user trust and manage risks to their data. You will work with teams across the organization

,

including

Engineering

,

Product

,

Design

,

and

Sales

,

in order

to manage risks to Dropbox and users alike. You will work in depth with other parts of the business to ensure Dropbox meets our security

, privacy, and regulatory

commitments.

If you are passionate about

protecting Dropbox and our users,

are looking for an opportunity to stretch and grow yourself in a dynamic team, and thrive in an environment

where you can constantly learn

, then this role is for you.

Responsibilities

Promote and foster a culture of trust

within and outside of

Dropbox

.

Partner with teams to execute on cross-team and/or multi-phase projects from design through implementation

against a wide variety of regulatory and compliance frameworks

, especially AI-specific standards/frameworks

Identify

the right solutions to clarify and solve ambiguous, open-ended problems

across various compliance programs.

Mature our overall compliance program. Improve and implement

controls for internal systems, processes, and policies

through bold and innovative approaches and leveraging automation and AI-enabled processes

Facilitate

ongoing

AI Governance,

R

isk and

C

ompliance initiatives and

monitor

control effectiveness

.

Collaborate with internal teams and external auditors throughout compliance

assessments

.

Play an active part in

responding and

mitigating

compliance

challenges across multiple time zones and jurisdictions.

Drive automation efforts across the Compliance function via the

AI-enabled GRC automation

tool

s

Identify opportunities impacting the Compliance function and establish the strategy and cross-functional alignment to achieve these objectives.

Conduct gap assessments to identify areas of non-compliance or areas for improvement, and develop action plans to address these gaps.

Provide guidance to management on the impact of new laws and regulations and recommend changes in business practices where necessary

Requirements

4

+ years of experience building or maintaining programs to mitigate risks around security,

confidentiality, integrity, availability, and

Privacy

Independently executes and manages projects with high-level direction from a manager

Consistently utilize AI tools to enhance workflows, evaluate outputs with critical judgment, and help others adopt tools where appropriate.

Experience Facilitating Or Being The Subject Of

SOC, ISO,

HIPAA

and/or

PCI

audits at a fast-paced technology company, public accounting firm, or similar environment

Experience Partnering With Engineering, Product

,

& Development teams to define compliance needs in a multi-product environment

Moderate f

amiliarity with a broad range of technical concepts relevant to cloud computing environments: logical access control, agile development process, secure coding principles, security architecture, information security, network security, and privacy

Experience With Implementing Compliance Programs For Emerging New

products, including AI enabled products

Moderate

understanding of cloud-based technologies and their implications for governance, risk, and compliance

, with a focus on AI compliance needs

Strong project management and organizational skills -

must

drive your own projects to completion

with high-level direction from a manager

,

while also fostering collaboration and bringing teams together to achieve common objectives.

Great people skills and ability to work well in fast paced team environment with a wide range of technical and non-technical teams

Excellent writing, communication, and organizational skills - strong attention to detail

Passion to aim higher and develop new skills

CISA, CISSP, CCSK, CIPP, or other professional certifications/associations

required

Preferred Qualifications

Experience In Scaling Compliance Programs In High-growth Technology Company

Compensation

US Zone 1

This Role Is Not Available In Zone 1

US Zone 2

$135,400

—

$183,200 USD

US Zone 3

$120,400

—

$162,800 USD