Risk & Governance Manager

Role Description As a Risk & Governance Manager at Dropbox, you will join the Governance, Risk, & Compliance (GRC) team , you will help mature and scale programs that enable Dropbox to make thoughtful, risk-informed decisions. This is a broad, cross-functional role supporting multiple areas of the GRC program, including enterprise risk management, AI governance, business resilience, third-party risk, internal controls, audit readiness, and risk reduction initiatives. You will partner closely with teams across Security, Privacy, Engineering, Product, Legal, and Compliance to identify, assess, prioritize, and reduce risk across Dropbox’s products, services, and operations. This role is ideal for someone who enjoys working across domains, can bring structure to ambiguous problems, and is comfortable translating complex technical, regulatory, and business considerations into practical governance programs. Additionally, you will be responsible for implementing programs and controls to help us maintain user trust and adhere to Dropbox’s AI principles and trust policies . You will help both Dropbox and our customers make informed decisions about the use of AI products and services . Responsibilities Governance Program Management Support the design, implementation, and continuous improvement of Dropbox’s Governance, Risk, and Compliance programs, including quantitative risk management (FAIR), governance, controls, compliance readiness, issue management, and risk reporting. Plan and execute risk assessments, gap analyses, certification readiness activities, compliance reviews, and audit support processes across areas such as security, privacy, AI, reliability, third-party services, and operational risk. Partner with cross-functional stakeholders to identify risks, assess impact and likelihood, define mitigation plans, assign owners, and track risk reduction efforts through completion. Drive risk reduction projects that strengthen Dropbox’s control environment, improve operat