Provide guidance on Privacy, Risk, and Compliance for Reclaim. Collaborate with teams to implement compliance standards and manage security artifacts.
Role Description
In this role, you will provide exceptional guidance and expertise regarding Privacy, Risk and Compliance for the Reclaim Platform (https://reclaim.ai). You will play a crucial role in developing and implementing best practices around Risk, Privacy and Compliance for Reclaim. You’ll do this by working with the broader Dropbox Privacy teams, observing compliance requirements, speaking with customers and working directly as a member of the Reclaim team. You will play a crucial role in our compliance efforts including SOC2 and similar audit projects, and advocating the overall Privacy and Security posture for Reclaim to external customers, and the rest of Dropbox.
Responsibilities- Working with customers to answer questions and provide guidance on Reclaim’s security posture
- Working with technical engineering teams on identifying vulnerabilities, tracking remediation and establishing controls
- Provide security and privacy consulting to customers, teams and business partners
- Collaborate with Dropbox Privacy, Compliance, Legal and ITS teams to align compliance activities/standards for Reclaim with broader Dropbox standards, programs and goals
- Perform hands-on gap analysis and risk assessments to identify, document and track information security and privacy risks for the Reclaim.ai business
- Own and manage customer facing privacy and security artifacts including relevant sections of the website such as the Privacy Policy, DPA, and Reclaim’s Trust Center
- Manage inbound DSR and similar privacy requests from customers
- 5+ yrs of experience in technology governance, risk or compliance roles in a large and/or high growth organization
- Deep understanding and hands-on experience with compliance standards such as SOC2, ISO27001, NIST and SSPA and associated controls.
- Ability to partner and navigate in a large cross functional organization working with teams in Engineering, Privacy, IT, Legal and Procurement.
- Deep understanding of privacy standards and frameworks including GDPR, DPF, CCPA and similar country and state level requirements.
- Strong documentation skills with a focus on product documentation, risk assessments, threat modeling and similar.
- Experience with vulnerability management and security incident management programs, standards and tooling
- Experience leading a large compliance activity and working directly with auditors
- Technical expertise with cloud-native environments and associated security controls and tools, specifically: AWS, database security, and vulnerability management
- Experience with security automation and process streamlining in the context of security risk management
- Product Management experience in a product-security context - to help define and build security related features into the Reclaim.ai platform (SSO, SCIM, audit logging, etc..)
- Interest in calendars, scheduling and time management
US Zone 1
This role is not available in Zone 1
US Zone 2
$156,100—$211,100 USD
US Zone 3
$138,700—$187,700 USD
Top Skills
AWS
Ccpa
Dpf
Gdpr
Iso27001
Nist
Soc2
Dropbox Seattle, Washington, USA Office
View Gallery
Though remote is our primary way of working, meaningful in-person connection and collaboration is a critical part of Virtual First. Our Seattle Studio is a place for teams to come together to host meetings, off-sites, and build community.
Similar Jobs at Dropbox
Artificial Intelligence • Cloud • Consumer Web • Productivity • Software • App development • Data Privacy
As an Engineering Manager at Dropbox, you'll lead a team to enhance the Sync Engine, ensuring quality software delivery and fostering innovation while managing a collaborative team culture.
Top Skills:
C++Rust
Artificial Intelligence • Cloud • Consumer Web • Productivity • Software • App development • Data Privacy
The Data Scientist will analyze user behavior, develop segmentation strategies, and create dashboards to optimize product engagement and revenue.
Top Skills:
HadoopPythonRSQL
Artificial Intelligence • Cloud • Consumer Web • Productivity • Software • App development • Data Privacy
Lead technical strategy and execution across multi-platform Experiences teams at Dropbox, ensuring scalable architecture and high-quality infrastructure improvements while mentoring other engineers.
Top Skills:
Browser ExtensionsDesktopElectronMobileWeb
What you need to know about the Seattle Tech Scene
Home to tech titans like Microsoft and Amazon, Seattle punches far above its weight in innovation. But its surrounding mountains, sprinkled with world-famous hiking trails and climbing routes, make the city a destination for outdoorsy types as well. Established as a logging town before shifting to shipbuilding and logistics, the Emerald City is now known for its contributions to aerospace, software, biotech and cloud computing. And its status as a thriving tech ecosystem is attracting out-of-town companies looking to establish new tech and engineering hubs.
Key Facts About Seattle Tech
- Number of Tech Workers: 287,000; 13% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Amazon, Microsoft, Meta, Google
- Key Industries: Artificial intelligence, cloud computing, software, biotechnology, game development
- Funding Landscape: $3.1 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Madrona, Fuse, Tola, Maveron
- Research Centers and Universities: University of Washington, Seattle University, Seattle Pacific University, Allen Institute for Brain Science, Bill & Melinda Gates Foundation, Seattle Children’s Research Institute
