Need help hiring top legal talent? Contact our team.
Company logo

Governance, Risk & Compliance Manager

$138,000- $233,400/ year
Posted Jun 08
Full Time

Company Description

Dropbox is a special place where we are all seeking to fulfill our mission to design a more enlightened way of working. We’re looking for innovative talent to join us on our journey. The words shared by our founders at the start of Dropbox still ring true today. Wouldn’t it be great if our working environment—and the tools we use—were designed with people’s actual needs in mind? Imagine if every minute at work were well spent—if we could focus and spend our time on the things that matter. This is possible, and Dropbox is connecting the dots. The nearly 3,000 Dropboxers around the world have helped make Dropbox a living workspace - the place where people come together and their ideas come to life. Our 700+ million global users have been some of our best salespeople, and they have helped us acquire customers with incredible efficiency. As a result, we reached a billion dollar revenue run rate faster than any software-as-a-service company in history. Dropbox is making the dream of a fulfilling and seamless work life a reality. We hope you’ll join us on the journey.

Team Description

Our Legal, Policy, Trust & Privacy teams help keep users and their stuff safe, protect Dropbox, counsel Dropboxers on challenging problems, and are always synced with the Dropbox teams they work with. We deal with novel issues every day while standing up for users and helping the company and product grow.

Role Description

Protecting Dropbox and our users is critical to being worthy of trust. As a Compliance Manager at Dropbox, you will join a growing team to design, implement, and coordinate programs to promote user trust and manage risks to their data. You will work with teams across the organization, from Engineering, Product, & Infrastructure, to Sales to Customer Experience, in order to manage risks to Dropbox and users alike. You will work in depth with other parts of the business to ensure Dropbox meets our security, privacy, and regulatory commitments.

If you are passionate about protecting Dropbox and our users, are looking for an opportunity to stretch and grow yourself in a dynamic team, and thrive in an environment where you can constantly learn, then this role is for you.

As a Compliance Manager on the Governance, Risk & Compliance team, you will play a crucial role in building Compliance across our product set. You will be responsible for completing all compliance related tasks to enable our products to be a secure, safe, and effective platform for individual users and businesses that meets global compliance standards and regulatory requirements.


  • Promote and foster a culture of trust within and outside of Dropbox.
  • Lead a team to execute on cross-team and/or multi-phase projects from design through implementation against a wide variety of regulatory and compliance frameworks (SOC 1/2/3/, ISO 27001, ISO 27017, ISO 27018, ISO 22301, ISO 27701, ISO 42001, HIPAA, NIST, ISMAP, etc.).
  • Identify the right solutions to clarify and solve ambiguous, open-ended problems across various compliance programs. 
  • Mature our overall compliance program. Improve and implement controls for internal systems, processes, and policies through bold and innovative approaches.
  • Facilitate ongoing risk and compliance initiatives and monitor control effectiveness.
  • Collaborate with internal teams and external auditors throughout compliance assessments.
  • Play an active part in responding and mitigating compliance challenges across multiple time zones and jurisdictions.
  • Drive automation efforts across the Compliance function via the ServiceNow GRC module.
  • Identify opportunities impacting the Compliance function and establish the strategy and cross-functional alignment to achieve these objectives.  
  • Conduct gap assessments to identify areas of non-compliance or areas for improvement, and develop action plans to address these gaps.
  • Provide guidance to management on the impact of new laws and regulations and recommend changes in business practices where necessary.


  • 8+ years of experience building or maintaining compliance programs across a wide variety of regulatory and compliance frameworks (SOC 1/2/3/, ISO 27001, ISO 27017, ISO 27018, ISO 22301, ISO 27701, ISO 42001, HIPAA, NIST, ISMAP, etc.).
  • Familiarity with a broad range of technical concepts relevant to cloud computing environments: logical access, agile development process, security architecture, information security, network security, and privacy.
  • Deep subject matter expertise in Compliance programs, preferably within the Tech Sector.
  • Strong project management and organizational skills.
  • Great people skills and ability to work well in fast paced team environment with a wide range of technical and non-technical teams.
  • Excellent writing, communication, and organizational skills - strong attention to detail.
  • Ability to confidently convey nuanced information to senior leaders. 

Preferred Qualifications

  • Experience at a fast paced technology company.
  • Ability to communicate complex topics succinctly to a wide range of audiences, including executives.
  • Sufficient technical knowledge to have effective conversations with Dropbox engineers and product teams.

Total Rewards

US Zone 1
$172,600—$233,400 USD
US Zone 2
$155,300—$210,100 USD
US Zone 3
$138,000—$186,800 USD

The range(s) listed above is the expected annual salary/OTE for this role, subject to change.

Dropbox takes a number of factors into account when determining individual starting pay, including job and level they are hired into, location/metropolitan area, skillset, and peer compensation.  We target most new hire offers between the minimum up to the middle of the range.

Salary/OTE is just one component of Dropbox’s total rewards package. All regular employees are also eligible for the corporate bonus program or a sales incentive (target included in OTE) as well as stock in the form of Restricted Stock Units (RSUs).

Dropbox uses the zip code of an employee’s remote work location to determine which metropolitan pay range we use. Current US Zone locations are as follows:
• US Zone 1: San Francisco metro, New York City metro, or Seattle metro
• US Zone 2: Austin (TX) metro, Chicago metro, California (outside SF metro), Colorado, Connecticut (outside NYC metro), Delaware, Massachusetts, New Hampshire, New York (outside NYC metro), Oregon, Pennsylvania (outside NYC or DC metro), Washington DC metro, and West Virginia (DC metro)
• US Zone 3: All other US locations

Dropbox is a Virtual First company and is open to hiring candidates in all authorized locations. However, for this role, the locations posted are preferred.


Dropbox is committed to investing in the holistic health and wellbeing of all Dropboxers and their families. Our benefits and perks programs include, but are not limited to: 

  • Competitive medical, dental and vision coverage
  • (US Only) Competitive 401(k) Plan with a generous company match and immediate vesting
  • Flexible Time Off/Paid Time Off, paid holidays, Volunteer time off and more
  • Protection Plans including; Life Insurance, Disability Insurance and Travel benefit plans
  • Perks Allowance to be used on what matters most to you, whether that’s wellness, learning and development, food & groceries, and much more
  • Parental benefits including; Parental Leave, Child and Adult Care, Day Care FSA (US Only), Fertility Benefits (US Only), Adoption and Surrogacy support and Lactation Support  

Mental Health and Wellness benefits Free Dropbox space for your friends and family 

Additional benefits details are available upon request.

Dropbox is an equal opportunity employer. We are a welcoming place for everyone, and we do our best to make sure all people feel supported and connected at work. A big part of that effort is our support for members and allies of internal groups like Asians at Dropbox, BlackDropboxers, Latinx, Pridebox (LGBTQ), Vets at Dropbox, Women at Dropbox, ATX Diversity (based in Austin, Texas) and the Dropbox Empowerment Network (based in Dublin, Ireland).