Senior Analyst, Risk & Compliance
San Francisco, CA
Dropbox is a leading global collaboration platform that's transforming the way people work together, from the smallest business to the largest enterprise. With more than 500 million registered users across more than 180 countries, our mission is to unleash the world’s creative energy by designing a more enlightened way of working. Headquartered in San Francisco, CA, Dropbox has more than 12 offices around the world.
Our Legal, Policy, Trust & Privacy teams help keep users and their stuff safe, protect Dropbox, counsel Dropboxers on challenging problems, and are always synced with the Dropbox teams they work with. We deal with novel issues every day while standing up for users and helping the company and product grow.
Protecting Dropbox and our users is critical to being worthy of trust. As a Senior Analyst, Risk & Compliance at Dropbox, you will join a growing team to design, implement, and coordinate programs to promote user trust and manage risks to their data. You will work with teams across the organization, from Product & Infrastructure Engineering to Sales to Customer Experience, to manage risks to Dropbox and users alike. You will work in depth with other parts of the business to ensure Dropbox meets our security, privacy, and regulatory commitments.
If you are passionate about protecting Dropbox and our users, are looking for an opportunity to stretch and grow yourself in a dynamic team, and thrive in an environment of uncertainty, then this role is for you.
Promote and foster a culture of trust at Dropbox
Design, implement, maintain, and improve programs to address key company risks and prepare internal teams for independent assessments against a wide variety of regulatory and compliance frameworks
Solve a broad range of large, complex, cross-functional challenges such as SOX compliance, SOC compliance, export compliance, HIPAA, and FCPA compliance
Improve controls for internal systems, processes, and policies
Facilitate ongoing risk and compliance initiatives and monitor control effectiveness
Collaborate with internal teams and external auditors throughout compliance assessments
2+ years of experience building or maintaining programs to mitigate risks around security, privacy, integrity, and availability
Experience facilitating or being the subject of SOX, SOC, PCI, and/or ISO audits at a fast-paced technology company, Big Four public accounting firm, or similar environment
Familiarity with a broad range of technical concepts relevant to cloud computing environments: logical access control, agile development process, secure coding principles, security architecture, information security, network security, and privacy
Strong project management and organizational skills - must drive your own projects to completion
Great people skills and ability to work well in fast-paced team environment with a wide range of technical and non-technical teams
Excellent writing, communication, and organizational skills - strong attention to detail
Passion to aim higher and develop new skills
CISA, CISSP, CCSK, CIPP, or other professional certifications/associations a plus
Benefits and Perks
100% company paid individual medical, dental, & vision insurance coverage
401k + company match
Market competitive total compensation package
Free Dropbox space for your friends and family
Generous vacation policy
10 company paid holidays
Volunteer time off
Company sponsored tech talks (technology and other relevant professional topics)
Dropbox is an equal opportunity employer. We are a welcoming place for everyone, and we do our best to make sure all people feel supported and connected at work. A big part of that effort is our support for members and allies of internal groups like Asians at Dropbox, BlackDropboxers, Latinx, Pridebox (LGBTQ), Vets at Dropbox, Women at Dropbox, ATX Diversity (based in Austin, Texas) and the Dropbox Empowerment Network (based in Dublin, Ireland).
To apply, visit our jobs page: https://www.dropbox.com/jobs/listing/1564173/apply