Jobs/Dropbox/Senior Governance, Risk, & Compliance Program Manager
Dropbox

Senior Governance, Risk, & Compliance Program Manager

RemoteLegalposted 11d agoSenior

About the role

Role Description

As a Senior Governance & Risk Compliance Program Manager on the Governance, Risk , & Compliance team, you will play a crucial role in building Compliance across our product set .

Protecting Dropbox and our users is critical to being worthy of trust. As a Compliance Program Manager at Dropbox, you will join a growing team to design, implement, and coordinate programs to promote user trust and manage risks to their data.

You will work with teams across the organization , including Engineering , Product , Design , and Sales , in order to manage risks to Dropbox and users alike. You will work in depth with other parts of the business to ensure Dropbox meets our security , privacy, and regulatory commitments.

If you are passionate about protecting Dropbox and our users, are looking for an opportunity to stretch and grow yourself in a dynamic team, and thrive in an environment where you can constantly learn , then this role is for you.

Responsibilities

  • Promote and foster a culture of trust within and outside of Dropbox .
  • Partner with teams to execute on cross-team and/or multi-phase projects from design through implementation against a wide variety of regulatory and compliance frameworks , especially AI-specific standards/frameworks
  • Identify the right solutions to clarify and solve ambiguous, open-ended problems across various compliance programs.
  • Mature our overall compliance program. Improve and implement controls for internal systems, processes, and policies through bold and innovative approaches and leveraging automation and AI-enabled processes
  • Facilitate ongoing AI Governance, R isk and C ompliance initiatives and monitor control effectiveness .
  • Collaborate with internal teams and external auditors throughout compliance assessments .
  • Play an active part in responding and mitigating compliance challenges across multiple time zones and jurisdictions.
  • Drive automation efforts across the Compliance function via the AI-enabled GRC automation tool s
  • Identify opportunities impacting the Compliance function and establish the strategy and cross-functional alignment to achieve these objectives.
  • Conduct gap assessments to identify areas of non-compliance or areas for improvement, and develop action plans to address these gaps.
  • Provide guidance to management on the impact of new laws and regulations and recommend changes in business practices where necessary.

Requirements

  • 7 + years of experience building or maintaining programs to mitigate risks around security, confidentiality, integrity, availability, and privacy
  • Independently leads cross-team and/or multi-phase projects from design through implementation
  • Identifies the right solutions to clarify and solve ambiguous, open-ended problems
  • Consistently utilize AI tools to enhance workflows, evaluate outputs with critical judgment, and help others adopt tools where appropriate.
  • Experience facilitating or being the subject of SOC, ISO, HIPAA and/or PCI audits at a fast-paced technology company, public accounting firm, or similar environment
  • Experience partnering with Engineering, Product , & Development teams to define compliance needs in a multi-product environment
  • Strong f amiliarity with a broad range of technical concepts relevant to cloud computing environments: logical access control, agile development process, secure coding principles, security architecture, information security, network security, and privacy
  • Experience with implementing compliance programs for emerging new products, including AI enabled products
  • Strong understanding of cloud-based technologies and their implications for governance, risk, and compliance , with a focus on AI compliance needs
  • Strong project management and organizational skills - must drive your own projects to completion with high-level direction from a manager , while also fostering collaboration and bringing teams together to achieve common objectives.
  • Great people skills and ability to work well in fast paced team environment with a wide range of technical and non-technical teams
  • Excellent writing, communication, and organizational skills - strong attention to detail
  • Passion to aim higher and develop new skills
  • CISA, CISSP, CCSK, CIPP, or other professional certifications/associations required

Preferred

Qualifications

  • Experience in scaling compliance programs within high-growth technology environments — Demonstrated ability to design, implement, and mature compliance frameworks in dynamic, fast-paced organizations where systems, processes, and regulatory expectations evolve rapidly.
  • Moderate technical fluency to partner effectively with engineering and product teams — Ability to translate compliance requirements into actionable technical solutions, with working knowledge of cloud infrastructure, data privacy, security /AI controls.
  • Executive communication and stakeholder management skills — Proven ability to distill complex compliance and regulatory topics into clear, actionable insights for senior leaders, while fostering alignment across technical and non-technical stakeholders.

Compensation

US Zone 1

This role is not available in Zone 1

US Zone 2

$160,700 — $217,300 USD

US Zone 3

$142,800 — $193,200 USD