Risk & Compliance Manager
Remote - US; Remote - Canada
Dropbox
Dropbox helps you simplify your workflow. So you can spend more time in your flow.Role Description
Protecting Dropbox and our users is critical to being worthy of trust. As a Governance, Risk & Compliance Manager at Dropbox, you will join a growing team to design, implement, and coordinate programs to promote user trust and manage risks to their data. You will work with teams across the organization, from Engineering, Product, & Infrastructure, to Sales to Customer Experience, in order to manage risks to Dropbox and users alike. You will work in depth with other parts of the business to ensure Dropbox meets our security, privacy, and regulatory commitments. If you are passionate about protecting Dropbox and our users, are looking for an opportunity to stretch and grow yourself in a dynamic team, and thrive in an environment where you can constantly learn, then this role is for you.Responsibilities
- Promote and foster a culture of trust at Dropbox
- Design, implement, maintain, and improve programs to address key company risks and prepare internal teams for independent assessments against a wide variety of regulatory and compliance frameworks (ISO 27001, ISO 27017, ISO 27018, ISO 22301, ISO 27701)
- Solve a broad range of large, complex, cross-functional challenges such as SOC compliance, PCI compliance, ISMAP compliance, and/or SOX compliance
- Improve controls for internal systems, processes, and policies
- Facilitate ongoing risk and compliance initiatives and monitor control effectiveness
- Collaborate with internal teams and external auditors throughout compliance assessments
- Drive automation efforts across the Compliance function
- Identify opportunities impacting the Compliance function and establish the strategy and cross-functional alignment to achieve these objectives
Requirements
- 2+ years of experience building or maintaining programs to mitigate risks around security, confidentiality, integrity, availability, and privacy
- Experience facilitating or being the subject of SOC, ISO, and/or FedRAMP audits at a fast-paced technology company, public accounting firm, or similar environment
- Experience partnering with Engineering, Product, & Development teams to define compliance needs in a multi-product environment
- Strong familiarity with a broad range of technical concepts relevant to cloud computing environments: logical access control, agile development process, secure coding principles, security architecture, information security, network security, and privacy
- Strong project management and organizational skills - must drive your own projects to completion
- Great people skills and ability to work well in fast paced team environment with a wide range of technical and non-technical teams
- Excellent writing, communication, and organizational skills - strong attention to detail
- Passion to aim higher and develop new skills
- CISA, CISSP, CCSK, CIPP, or other professional certifications/associations a plus
Tags: Agile Audits Automation CIPP CISA CISSP Cloud Compliance FedRAMP Governance ISO 22301 ISO 27001 Network security Privacy Strategy
Perks/benefits: Career development
Regions:
Remote/Anywhere
North America
Countries:
Canada
United States
Job stats:
32
5
0
Categories:
Compliance Jobs
Leadership Jobs
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Engineer jobs
- Open Senior Cyber Security Specialist jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs