Director of Risk and Compliance


San Francisco, CA, US
  • Job Type: Full-Time
  • Function: Legal
  • Post Date: 03/03/2021
  • Company Address: San Francisco, CA, 94107

About Dropbox

Dropbox is the world’s first smart workspace that helps people and teams focus on the work that matters. With more than 600 million registered users across 180 countries, we’re on a mission to design a more enlightened way of working. Dropbox is headquartered in San Francisco, CA, and has 12 offices around the world.

Job Description

Dropbox is now a Virtual First company, which means work outside of an office will be the primary experience for all employees. Being Virtual First also means the location of our employees is targeted but flexible. If “Location Flexible” is listed in the job title of a role, the role can be located in any of the states where Dropbox is authorized to do business.** Some roles (including those which do not have “Location Flexible” in the job title), however, may have to be co-located with their teams in certain locations. Please work with your recruiter and your hiring manager to understand any location constraints of a particular role and to communicate your location preferences. **Dropbox is authorized to do business in many, but not all, states. If you are not located in or able to work from a state where Dropbox is registered, you will not be eligible for employment. Please speak with your recruiter to learn more about where Dropbox is registered.

Dropbox is one place to keep life organized and keep work moving. With more than 600 million registered users across 180 countries, we’re on a mission to design a more enlightened way of working. Dropbox is headquartered in San Francisco, CA, and has offices around the world. For more information on our mission and products, visit

Team Description

Our Legal, Policy, and Risk & Compliance teams help keep users and their stuff safe, protect Dropbox, counsel Dropboxers on challenging problems, and are always synced with the Dropbox teams they work with. We deal with novel issues every day while standing up for users and helping the company and product grow.

Role Description

Protecting Dropbox and our users is critical to being worthy of trust. As the Director of Risk & Compliance at Dropbox, you will lead a world-class team to implement, operate, and scale global compliance programs to promote user trust and manage risks to their data. You will partner deeply with teams across the organization from Security to Infrastructure Engineering to Product Counsel to IT. You will assist the Head of Risk & Compliance in managing risks to Dropbox and users alike, ensuring Dropbox meets our security, privacy, and regulatory commitments.
The right individual for this role needs to have a demonstrated ability to build and lead successful Risk & Compliance teams. You will need deep experience across a variety of compliance frameworks, a strong understanding of technical concepts, and an ability to drive complex projects and problems through completion.


  • Lead the compliance team within our Governance, Risk, & Compliance (GRC) function to design, implement, and continuously improve programs to address key company risks and prepare internal teams for independent assessments against regulatory and compliance frameworks
  • Guide the compliance team to solve complex, cross-functional challenges related to compliance programs such as: SOC 2, ISO 27001, HIPAA, PCI, FedRAMP, SOX, and more
  • Develop career paths and professional growth opportunities for compliance team members
  • Support the Head of Risk & Compliance in driving and scaling global compliance programs while leading ongoing risk and compliance initiatives and monitoring control effectiveness
  • Champion compliance initiatives by building deep, collaborative relationships with cross-functional leaders throughout the organization


  • 6+ years of experience building or operating programs to mitigate risks around security, confidentiality, integrity, availability, and privacy
  • 3+ years of experience managing Risk & Compliance teams with a successful track record of building teams, mentoring, and developing talent
  • Extensive experience facilitating or being the subject of ISO 27001, SOC 2, PCI, and/or FedRAMP audits at a fast-paced technology company, public accounting firm, or similar environment
  • A thorough understanding of technical concepts relevant to cloud computing environments: logical access control, agile development process, secure coding principles, security architecture, information security, network security, and privacy
  • Great people skills and an ability to work well in a fast-paced team environment with a wide range of technical and non-technical teams
  • CISA, CISSP, CCSK, CIPP, or other professional certifications/associations a plus
Dropbox is an equal opportunity employer. We are a welcoming place for everyone, and we do our best to make sure all people feel supported and connected at work. A big part of that effort is our support for members and allies of internal groups like Asians at Dropbox, BlackDropboxers, Latinx, Pridebox (LGBTQ), Vets at Dropbox, Women at Dropbox, ATX Diversity (based in Austin, Texas) and the Dropbox Empowerment Network (based in Dublin, Ireland).

Benefits and Perks

  • Generous company contribution toward individual medical, dental, & vision insurance coverage
  • 401k + company match
  • Market competitive total compensation package
  • Free Dropbox space for your friends and family
  • Wellness Reimbursement
  • Generous vacation policy
  • 10 company paid holidays
  • Volunteer time off
  • Company sponsored tech talks (technology and other relevant professional topics)

Disclaimer: Local Candidates Only
This company does NOT accept candidates from outside recruiting firms. Agency contacts are not welcome.