Risk & Governance Manager

Dropbox

. Support the design, implementation, and continuous improvement of Dropbox’s Governance, Risk, and Compliance programs, including quantitative risk management (FAIR), governance, controls, compliance readiness, issue management, and risk reporting.

Posted 5/7/2026full-timeRemote • 🇺🇸 United StatesSeniorLead💰 $160,700 - $217,300 per yearWebsite

Tech Stack

Tools & technologies

Cloud

About the role

Key responsibilities & impact

Support the design, implementation, and continuous improvement of Dropbox’s Governance, Risk, and Compliance programs, including quantitative risk management (FAIR), governance, controls, compliance readiness, issue management, and risk reporting.
Plan and execute risk assessments, gap analyses, certification readiness activities, compliance reviews, and audit support processes across areas such as security, privacy, AI, reliability, third-party services, and operational risk.
Partner with cross-functional stakeholders to identify risks, assess impact and likelihood, define mitigation plans, assign owners, and track risk reduction efforts through completion.
Drive risk reduction projects that strengthen Dropbox’s control environment, improve operational maturity, and help teams make risk-informed decisions.
Coordinate improvements to internal risk management systems, workflows, documentation, reporting, and policies to increase consistency, transparency, and program effectiveness.
Collaborate with internal and external auditors throughout compliance engagements, including evidence collection, stakeholder coordination, gap remediation, and management reporting.
Support risk reviews of third-party service providers and help connect third-party findings to broader enterprise risk, compliance, and customer trust objectives.
Lead or support complex, cross-functional governance initiatives, such as software asset management, control rationalization, audit readiness, or risk remediation programs.
Play an active role in risk incident readiness and response by helping teams prepare for, mitigate, respond to, recover from, and learn from risk events.

Requirements

What you’ll need

7+ years of experience building or maintaining risk, governance, compliance, audit, business resilience, security, privacy, or related programs
Experience at a publicly traded, fast paced SaaS company
Experience managing and reducing AI, security, privacy, or reliability risks
Knowledge of FAIR quantitative risk methodologies
Familiarity with a broad range of technical concepts relevant to cloud computing and SaaS environments: logical access, agile development process, security architecture, information security, network security, and privacy
Strong project management and organizational skills
Collaborative working style and strong relationship-building skills, with the ability to work effectively with both technical and non-technical teams
Excellent writing, communication, organizational skills, and strong attention to detail
Ability to confidently convey nuanced information to senior leaders
Related professional certifications such as AIGP (AI Governance Professional) or CIPP (Certified Information Privacy Professional) preferred.

Benefits

Comp & perks

Health insurance
401(k) matching
Flexible work hours
Paid time off
Remote work options

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

risk managementFAIRcompliance reviewsaudit supportrisk assessmentsgap analysessecurity architectureinformation securitynetwork securityprivacy

Soft Skills

project managementorganizational skillscollaborative working stylerelationship-building skillscommunication skillsattention to detailability to convey informationcross-functional collaborationrisk-informed decision makingstakeholder coordination

Certifications

AIGPCIPP