Senior Governance, Risk, Compliance Program Manager

This is a fully remote position, open to applicants in United States.

📋 Description

• Cultivate and promote a culture of trust both within Dropbox and externally.

• Collaborate with teams to implement cross-functional and/or multi-phase projects from design through execution, adhering to various regulatory and compliance frameworks, particularly those specific to AI.

• Determine effective solutions to clarify and address ambiguous, open-ended challenges across diverse compliance programs.

• Enhance our overall compliance program by improving and implementing controls for internal systems, processes, and policies through innovative approaches, leveraging automation and AI-driven processes.

• Support ongoing AI Governance, Risk, and Compliance initiatives while assessing the effectiveness of controls.

• Work alongside internal teams and external auditors during compliance evaluations.

• Actively engage in addressing and mitigating compliance issues across multiple time zones and jurisdictions.

• Propel automation initiatives within the Compliance function utilizing AI-enabled GRC automation tools.

• Recognize opportunities affecting the Compliance function and develop strategies and cross-functional alignment to meet these goals.

• Conduct gap analyses to pinpoint areas of non-compliance or opportunities for enhancement, and formulate action plans to rectify these gaps.

• Advise management on the implications of new laws and regulations, recommending necessary adjustments in business practices.

⛳️ Requirements

• Over 7 years of experience in developing or maintaining programs aimed at mitigating risks related to security, confidentiality, integrity, availability, and privacy.

• Independently drives cross-team and/or multi-phase projects from conception through execution.

• Capable of identifying appropriate solutions to clarify and resolve ambiguous, open-ended issues.

• Regularly employs AI tools to enhance workflows, critically assess outputs, and assist others in adopting these tools when suitable.

• Experience in facilitating or being subject to SOC, ISO, HIPAA, and/or PCI audits in a fast-paced technology setting, public accounting firm, or comparable environment.

• Proven ability to partner with Engineering, Product, and Development teams to ascertain compliance requirements in a multi-product context.

• Strong understanding of a wide range of technical concepts pertinent to cloud computing environments: logical access control, agile development processes, secure coding principles, security architecture, information security, network security, and privacy.

• Experience in implementing compliance programs for emerging products, including those enabled by AI.

• In-depth knowledge of cloud-based technologies and their implications for governance, risk, and compliance, with a focus on AI compliance requirements.

• Exceptional project management and organizational skills; must independently drive projects to completion with high-level guidance from a manager, while fostering collaboration and uniting teams to achieve shared goals.

• Excellent interpersonal skills and the ability to thrive in a fast-paced team environment with diverse technical and non-technical groups.

• Strong writing, communication, and organizational skills with a keen attention to detail.

• A strong desire to aim higher and acquire new skills.

• Relevant professional certifications/associations such as CISA, CISSP, CCSK, CIPP, or others are required.

🏝️ Benefits

• Health insurance

• 401(k) matching

• Flexible work hours

• Paid time off

• Remote work options