Director of Security, GRC

<div class="content-intro"><h2>Join us in building the future of finance.</h2> <p>Our mission is to democratize finance for all. <a href="https://www.cerulli.com/press-releases/cerulli-anticipates-124-trillion-in-wealth-will-transfer-through-2048" target="_blank">An estimated $124 trillion of assets</a> will be inherited by younger generations in the next two decades. The largest transfer of wealth in human history. If you’re ready to be at the epicenter of this historic cultural and financial shift, keep reading.</p></div><h2><strong>About the team + role</strong></h2> <p>We are building an elite team, applying frontier technologies to the world’s biggest financial problems. We’re looking for bold thinkers. Sharp problem-solvers. Builders who are wired to make an impact. Robinhood isn’t a place for complacency, it’s where ambitious people do the best work of their careers. We’re a high-performing, fast-moving team with ethics at the center of everything we do. Expectations are high, and so are the rewards.</p> <p>The Security and Corporate Engineering team at Robinhood safeguards the trust of our customers and the integrity of our platform by proactively managing risks and protecting company and user data. Our mission is to ensure secure growth by embedding security and resilience into the fabric of our technology, culture, and business operations!</p> <p>As Director of Security, GRC, you’ll be a strategic and operational leader guiding enterprise-wide security risk management, policy governance, regulatory compliance, and business continuity planning. You'll collaborate with senior leadership, cross-functional partners, and regulatory bodies to maintain a robust and compliant security posture across Robinhood.</p> <p>This role is based in our Menlo Park, CA or New York, NY office, with in-person attendance expected at least 4 days per week.</p> <p>At Robinhood, we believe in the power of in-person work to accelerate progress, spark innovation, and strengthen community. Our office experience is intentional, energizing, and designed to fully support high-performing teams.</p> <h2><strong>What you’ll do</strong></h2> <ul> <li>Lead the development, automation, and execution of our enterprise security risk management framework, driving mitigation strategies and board-level risk reporting</li> <li>Direct policy development and exception management processes, ensuring effective governance of security standards and exceptions</li> <li>Oversee enterprise business continuity and disaster recovery programs, including execution of simulation exercises and continuous refinement</li> <li>Manage strategic compliance initiatives, coordinating with legal, compliance, and operational teams to meet regulatory requirements and prepare for audits</li> <li>Serve as the primary liaison for security-related board reporting, quantitative risk management, and regulatory engagements, shaping the external and internal narrative on risk</li> </ul> <h2><strong>What you bring</strong></h2> <ul> <li>Proven senior security leader with over 10 years of experience, specializing in scaling through technology, the management of risk, compliance, and business continuity programs.</li> <li>5+ years of experience working with or within US and international financial regulatory environments</li> <li>Proven track record building and scaling GRC programs in highly regulated, fast-paced industries, focused on automation first tooling</li> <li>Strong verbal and written communication and executive presence, with experience preparing and presenting board-level security updates</li> <li>Professional certifications such as CISSP, CIS ... (truncated, view full listing at source)