GRC Compliance & Risk Lead

The Governance, Risk, and Compliance (GRC) team is looking for an experienced Risk & Compliance Lead (Individual Contributor role) with banking and/or financial service experience who is smart, fast, and a hard worker to help drive risk management strategy, regulatory, contractual and compliance frameworks (GLBA, PCI DSS, SOC 2, HIPAA, etc.) related to DoorDash financial service and other vertical products. You will work cross-functionally with a range of teams to manage the compliance readiness program, risk management program including risk identification, gap mitigation, and controls enablement projects. This will be a highly visible and impactful role in which you will be challenged to develop controls, automate processes, and validate adherence to Cybersecurity compliance mandates in a complex and evolving cybersecurity landscape. If you like to work with business partners to understand and creatively address risk, and design controls for cutting edge processes, we want to talk to you You will report to the Sr. Manager - GRC of our Security organization. You’re excited about this opportunity because you will

• Contribute in building the GRC team strategy & roadmap in collaboration stakeholders
• Assist in rollout and adoption of our governance, risk and compliance tool
• Manage the Risk & Compliance program related to DoorDash financial service products
• Oversee the design, implementation and periodic testing of controls in collaboration with security, engineering, IT and other risk functions
• Stand up and provide ongoing monitoring of compliance programs to meet regulatory and contractual obligations of DoorDash financial service products, including GLBA, PCI DSS, SOC 2, HIPAA etc.
• Contribute in managing the Cybersecurity risk management program and recommend appropriate actions.
• Partner closely with cross-functional teams to ensure compliance requirements are built into the design of new products, features, and business initiatives.
• Act as the relationship manager for internal and external audits
• Perform readiness assessments of ongoing business initiatives to determine impact and compliance scope change
• Provide periodic reporting of key performance indicators (KPIs) related to security risks and controls of the program related to DoorDash financial service products.

We’re excited about you because you have

• A bachelor’s degree or higher in an analytical discipline, or equivalent experience
• 6+ years of experience in IT audit, risk management, compliance, or related fields.
• 5+ years of experience in scoping, designing, implementing and managing technical compliance programs using frameworks such as PCI DSS, SOC2, NIST CSF, ISO 27001, etc.
• Experience in conducting IT & Cybersecurity compliance program readiness and/or gap analysis
• Experience managing multiple concurrent projects across functional teams, building sustainable processes
• Ability to understand complex system architecture/data flows, what Cybersecurity risks affect a variety of data, applications and infrastructure.
• Experience solving systemic issues and potential risks that require creative thinking and solutions
• Experience in evaluating business asks taking into consideration risks, controls, and mitigating actions.
• Excellent verbal and written communication skills - you are able to translate business requirements into technical solutions
• CISA, CISSP, or other industry certifications are a plus

Core Skills: Risk mitigation Other Skills: Privacy Seniority: Lead Apply Job!