Risk & Compliance Partner
Role Description
In this role, you will provide exceptional guidance and expertise regarding Privacy, Risk and Compliance for the Reclaim Platform (https://reclaim.ai). You will play a crucial role in developing and implementing best practices around Risk, Privacy and Compliance for Reclaim. You’ll do this by working with the broader Dropbox Privacy teams, observing compliance requirements, speaking with customers and working directly as a member of the Reclaim team. You will play a crucial role in our compliance efforts including SOC2 and similar audit projects, and advocating the overall Privacy and Security posture for Reclaim to external customers, and the rest of Dropbox.
Responsibilities
Working with customers to answer questions and provide guidance on Reclaim’s security posture
Working with technical engineering teams on identifying vulnerabilities, tracking remediation and establishing controls
Provide security and privacy consulting to customers, teams and business partners
Collaborate with Dropbox Privacy, Compliance, Legal and ITS teams to align compliance activities/standards for Reclaim with broader Dropbox standards, programs and goals
Perform hands-on gap analysis and risk assessments to identify, document and track information security and privacy risks for the Reclaim.ai business
Own and manage customer facing privacy and security artifacts including relevant sections of the website such as the Privacy Policy, DPA, and Reclaim’s Trust Center
Manage inbound DSR and similar privacy requests from customers
Requirements
5+ yrs of experience in technology governance, risk or compliance roles in a large and/or high growth organization
Deep understanding and hands-on experience with compliance standards such as SOC2, ISO27001, NIST and SSPA and associated controls.
Ability to partner and navigate in a large cross functional organization working with teams in Engineering, Privacy, IT, Legal and Procurement.
Deep understanding of privacy standards and frameworks including GDPR, DPF, CCPA and similar country and state level requirements.
Strong documentation skills with a focus on product documentation, risk assessments, threat modeling and similar.
Experience with vulnerability management and security incident management programs, standards and tooling
Preferred Qualifications
Experience leading a large compliance activity and working directly with auditors
Technical expertise with cloud-native environments and associated security controls and tools, specifically: AWS, database security, and vulnerability management
Experience with security automation and process streamlining in the context of security risk management
Product Management experience in a product-security context - to help define and build security related features into the Reclaim.ai platform (SSO, SCIM, audit logging, etc..)
Interest in calendars, scheduling and time management
Compensation
US Zone 1
This role is not available in Zone 1
US Zone 2
$156,100—$211,100 USD
US Zone 3
$138,700—$187,700 USD
About the job
Apply for this position
Risk & Compliance Partner
Role Description
In this role, you will provide exceptional guidance and expertise regarding Privacy, Risk and Compliance for the Reclaim Platform (https://reclaim.ai). You will play a crucial role in developing and implementing best practices around Risk, Privacy and Compliance for Reclaim. You’ll do this by working with the broader Dropbox Privacy teams, observing compliance requirements, speaking with customers and working directly as a member of the Reclaim team. You will play a crucial role in our compliance efforts including SOC2 and similar audit projects, and advocating the overall Privacy and Security posture for Reclaim to external customers, and the rest of Dropbox.
Responsibilities
Working with customers to answer questions and provide guidance on Reclaim’s security posture
Working with technical engineering teams on identifying vulnerabilities, tracking remediation and establishing controls
Provide security and privacy consulting to customers, teams and business partners
Collaborate with Dropbox Privacy, Compliance, Legal and ITS teams to align compliance activities/standards for Reclaim with broader Dropbox standards, programs and goals
Perform hands-on gap analysis and risk assessments to identify, document and track information security and privacy risks for the Reclaim.ai business
Own and manage customer facing privacy and security artifacts including relevant sections of the website such as the Privacy Policy, DPA, and Reclaim’s Trust Center
Manage inbound DSR and similar privacy requests from customers
Requirements
5+ yrs of experience in technology governance, risk or compliance roles in a large and/or high growth organization
Deep understanding and hands-on experience with compliance standards such as SOC2, ISO27001, NIST and SSPA and associated controls.
Ability to partner and navigate in a large cross functional organization working with teams in Engineering, Privacy, IT, Legal and Procurement.
Deep understanding of privacy standards and frameworks including GDPR, DPF, CCPA and similar country and state level requirements.
Strong documentation skills with a focus on product documentation, risk assessments, threat modeling and similar.
Experience with vulnerability management and security incident management programs, standards and tooling
Preferred Qualifications
Experience leading a large compliance activity and working directly with auditors
Technical expertise with cloud-native environments and associated security controls and tools, specifically: AWS, database security, and vulnerability management
Experience with security automation and process streamlining in the context of security risk management
Product Management experience in a product-security context - to help define and build security related features into the Reclaim.ai platform (SSO, SCIM, audit logging, etc..)
Interest in calendars, scheduling and time management
Compensation
US Zone 1
This role is not available in Zone 1
US Zone 2
$156,100—$211,100 USD
US Zone 3
$138,700—$187,700 USD