💼 About This Role

You'll build and operate Docker's enterprise risk management program and lead the AI governance initiative. Your work will ensure responsible AI use and embed risk awareness across Engineering, Product, Legal, and IT. This role is perfect for a builder who thrives in a remote-first, fast-paced environment.

🎯 What You'll Do

• Own compliance program roadmap aligning frameworks with business objectives
• Lead cross-functional compliance initiatives with Engineering, Product, Legal, and IT
• Design and maintain unified control framework cross-mapped to NIST 800-53
• Plan and execute internal audits end-to-end

📋 Requirements

• 4-6 years in Information Security, Governance, Risk, and Compliance
• Experience building or operating an enterprise risk management program
• Experience with third-party risk management
• Working knowledge of ISO 27001, SOC 2, NIST 800-53, and GDPR

✨ Nice to Have

• Relevant certifications: CRISC, CISA, CISSP, or CCSK
• Experience with GRC platforms (Anecdotes, ServiceNow GRC, OneTrust)
• Experience with automation or scripting for risk management workflows

🎁 Benefits & Perks

• 🏖️ Unlimited PTO
• 💰 Equity packages
• 🏠 Remote-first culture
• 📈 Professional development budget
• 🩺 Health and wellness benefits

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

1. 1Recruiter call· 30 min
2. 2Technical interview· 60 min
3. 3Hiring manager call· 45 min