Job Highlights
AI-extracted key information
The Risk & Governance Manager at Dropbox will join the Governance, Risk, & Compliance (GRC) team to enhance and scale programs that facilitate informed risk management decisions. This role involves collaborating with various teams to identify, assess, and mitigate risks across Dropbox’s operations and products, while also implementing governance programs related to AI and user trust.
Salary Range: $161k - $217k/year
Risk & Governance Manager
Posted 1 week ago
Employment Type: Full-Time
Work Location: Remote
Salary: $160,700 - $217,300 per year
About This Role
Role Description
As a Risk & Governance Manager at Dropbox, you will join the Governance, Risk, & Compliance (GRC) team and help mature and scale programs that enable Dropbox to make thoughtful, risk-informed decisions. This is a broad, cross-functional role supporting multiple areas of the GRC program, including enterprise risk management, AI governance, business resilience, third-party risk, internal controls, audit readiness, and risk reduction initiatives.
You will partner closely with teams across Security, Privacy, Engineering, Product, Legal, and Compliance to identify, assess, prioritize, and reduce risk across Dropbox’s products, services, and operations. This role is ideal for someone who enjoys working across domains, can bring structure to ambiguous problems, and is comfortable translating complex technical, regulatory, and business considerations into practical governance programs.
Additionally, you will be responsible for implementing programs and controls to help us maintain user trust and adhere to Dropbox’s AI principles and trust policies. You will help both Dropbox and our customers make informed decisions about the use of AI products and services.
Responsibilities
Governance Program Management
Support the design, implementation, and continuous improvement of Dropbox’s Governance, Risk, and Compliance programs, including quantitative risk management (FAIR), governance, controls, compliance readiness, issue management, and risk reporting.
Plan and execute risk assessments, gap analyses, certification readiness activities, compliance reviews, and audit support processes across areas such as security, privacy, AI, reliability, third-party services, and operational risk.
Partner with cross-functional stakeholders to identify risks, assess impact and likelihood, define mitigation plans, assign owners, and track risk reduction efforts through completion.
Drive risk reduction projects that strengthen Dropbox’s control environment, improve operational maturity, and help teams make risk-informed decisions.
Coordinate improvements to internal risk management systems, workflows, documentation, reporting, and policies to increase consistency, transparency, and program effectiveness.
Collaborate with internal and external auditors throughout compliance engagements, including evidence collection, stakeholder coordination, gap remediation, and management reporting.
Support risk reviews of third-party service providers and help connect third-party findings to broader enterprise risk, compliance, and customer trust objectives.
Lead or support complex, cross-functional governance initiatives, such as software asset management, control rationalization, audit readiness, or risk remediation programs.
Play an active role in risk incident readiness and response by helping teams prepare for, mitigate, respond to, recover from, and learn from risk events.
AI Governance
Help implement, maintain, and mature programs that support Dropbox’s AI governance framework, company AI Principles, legal and regulatory obligations, and customer trust commitments.
Partner with Product, Engineering, Security, Privacy, Legal, Compliance, and business teams to assess AI use cases and define practical governance requirements for intake, documentation, review, approval, monitoring, and issue remediation.
Support AI risk assessments that consider security, privacy, transparency, reliability, misuse, bias and fairness, data governance, compliance, and operational risk.
Translate emerging AI regulatory, ethical, and industry expectations into scalable internal policies, standards, controls, and operating practices.
Develop metrics, KPIs, dashboards, and reporting to communicate AI governance maturity, risk posture, compliance status, and remediation progress to stakeholders and leadership.
Provide risk-informed guidance to stakeholders and leadership on AI governance decisions, policy updates, regulatory developments, and responsible AI practices.
Business Resilience and Operational Risk
Support Dropbox’s business resilience program, including business continuity planning, business impact assessments, tabletop exercises, incident readiness, recovery planning, and after-action reviews.
Partner with key teams to identify critical services, dependencies, operational risks, continuity requirements, and resilience gaps.
Drive or support tabletop exercises and scenario-based reviews for key teams, helping document lessons learned, owners, timelines, and follow-up actions.
Track resilience risks and remediation activities, escalating themes, blockers, and emerging risks to appropriate stakeholders or governance forums.
Help connect business resilience work to broader risk management, compliance, customer trust, audit readiness, and incident response objectives.
Requirements
7+ years of experience building or maintaining risk, governance, compliance, audit, business resilience, security, privacy, or related programs
Experience at a publicly traded, fast-paced SaaS company
Experience managing and reducing AI, security, privacy, or reliability risks
Knowledge of FAIR quantitative risk methodologies
Familiarity with a broad range of technical concepts relevant to cloud computing and SaaS environments: logical access, agile development process, security architecture, information security, network security, and privacy
Strong project management and organizational skills
Collaborative working style and strong relationship-building skills, with the ability to work effectively with both technical and non-technical teams
Excellent writing, communication, organizational skills, and strong attention to detail
Ability to confidently convey nuanced information to senior leaders
Related professional certifications such as AIGP (AI Governance Professional) or CIPP (Certified Information Privacy Professional) preferred
Preferred Qualifications
Deep subject matter knowledge in AI governance, security, privacy, or reliability risk, i.e. sufficient technical knowledge to have effective conversations with Dropbox engineers
Self-starter with the ability to navigate ambiguity, a proven history of owning and delivering a project end-to-end, and strong executive presence
Experience completing complex cross-functional projects that can turn into self-sustaining programs as part of a risk team
Compensation
US Zone 1: This role is not available in Zone 1
US Zone 2: $160,700 - $217,300 USD
US Zone 3: $142,800 - $193,200 USD
