Senior Director of Governance, Risk and Compliance

div class= content-intro p span style= font-weight: 400; At Ripple, we’re building a world where value moves like information does today. It’s big, it’s bold, and we’re already doing it. Through our crypto solutions for financial institutions, businesses, governments and developers, we are improving the global financial system and creating greater economic fairness and opportunity for more people, in more places around the world. And we get to do the best work of our career and grow our skills surrounded by colleagues who have our backs. nbsp; /span /p p span style= font-weight: 400; If you’re ready to see your impact and unlock incredible career growth opportunities, join us, and build real world value. /span /p /div p strong THE WORK: /strong /p p As the Senior Director of GRC, you will define and lead Ripple s Governance, Risk amp; Compliance strategy. This is a high-impact leadership role at the nexus of security, regulatory compliance, and business strategy in one of the most multifaceted sectors in FinTech. You will build a unified, engineering-first GRC function that spans a diverse and growing team and be the authoritative voice on compliance, risk posture, and governance maturity to senior leadership, regulators, and partners worldwide. /p p strong WHAT YOU LL DO: /strong /p ul li Set the strategic vision and multi-year roadmap for GRC, ensuring programs scale with Ripple s growth and evolving regulatory landscape. /li li Pioneer the use of AI and automation across the GRC function, from continuous control monitoring and automated evidence collection to AI-assisted risk assessments and policy management, reducing manual overhead, accelerating audit readiness, and shifting the program from reactive compliance to predictive risk intelligence. /li li Lead, mentor, and grow a team of GRC Program Managers and Engineers, fostering a culture of rigorous thinking, continuous improvement, and cross-functional collaboration. /li li Design and operate an integrated GRC program spanning Enterprise Risk Management (ERM), Compliance, BCDR, and Internal Audit, with a strong emphasis on data sharing and cross-functional alignment. /li li Own and advance Ripple s regulatory compliance posture across global jurisdictions, including NYDFS, MAS, DFSA, CBI, FSA, DORA, CSSF, GDPR, LGPD, and NIST. /li li Drive and maintain SOC 2 Type II and ISO 27001 certifications across product suites, and provide IT General Controls (ITGC) support for SOX/SOC1 and financial audits. /li li Build and operate a proactive risk management program that continuously aligns InfoSec risks with organizational objectives and drives accountability across engineering and product teams. /li li Lead the Third-Party Risk Management program, setting the standard for vendor security evaluation and supply chain risk at scale. /li li Own the Customer Security Assurance Program, ensuring enterprise customers and partners have clear, confident visibility into Ripple s security posture. /li li Drive a security-first culture by building awareness and training programs that turn every employee into an active line of defense across asset protection, data stewardship, and emerging threat landscapes. /li li Serve as a key executive voice in communicating risk posture, program maturity, and compliance status to the CISO, Board, and external regulators. /li /ul p strong WHAT YOU LL BRING: /strong /p ul li 15+ years of experience in information security GRC, with at least 5+ years in a senior leadership role, preferably in crypto, blockchain, or FinTech. /li li Demonstrated success building and scaling GRC programs from the ground up in a high-growth or M amp;A environment. Experience integrating an acquired entity s security function serves as a significant differentiator. /li li Deep expertise in global regulatory frameworks, including NYDFS, MAS, DFSA, DORA, GDPR, SOC 2, ISO 27001, NIST CSF, and SOX/ITGC. /li li Proven experience leading cross-functional GRC programs that span InfoSec, ERM, Compliance, BCDR, and Internal Audit with a data-driven, systems-first mindset. /li li Strong track record of building automated, self-service evidence collection and audit readiness programs that reduce engineering drag. /li li Experience operating a Third-Party Risk Management program at scale, with hands-on knowledge of vendor security assessments and supply chain risk. /li li Hands-on experience with GRC platforms and comfort driving tooling strategy. /li li Executive-level communication skills, the ability to translate complex risk and compliance concepts into clear, actionable narratives for Board members, regulators, and technical teams alike. /li li Experience with crypto, digital asset, or stablecoin compliance (e.g., SOX attestation for stablecoin reserves, digital asset risk frameworks) is a strong plus. /li li Demonstrated ability to lead and develop geographically distributed, cross-functional teams through periods of change and organizational growth. /li li A builder s mindset: you are drawn to ambiguity, energized by building structure where none exists, and motivated by measurable outcomes. /li /ul div class= content-pay-transparency div class= pay-input div class= description For positions that will be based in CA, the annual salary range for this position is below. Actual salaries may vary based on numerous factors including, among other things, an individual applicant’s experience and qualifications for the position. This range does not include equity or additional compensation, such as bonuses or commissions. nbsp; /div div class= title CA Annual Base Salary Range /div div class= pay-range span $300,000 /span span class= divider mdash; /span span $360,000 USD /span /div /div /div div class= content-conclusion hr p strong WHO WE ARE: /strong /p p span style= font-weight: 400; Do Your Best Work /span /p ul li style= font-weight: 400; span style= font-weight: 400; The opportunity to build in a fast-paced start-up environment with experienced industry leaders /span /li li style= font-weight: 400; span style= font-weight: 400; A learning environment where you can dive deep into the latest technologies and make an impact. nbsp; A professional development budget to support other modes of learning. /span /li li style= font-weight: 400; span style= font-weight: 400; Thrive in an environment where no matter what race, ethnicity, gender, origin, or culture they identify with, every employee is a respected, valued, and empowered part of the team. /span /li li style= font-weight: 400; span style= font-weight: 400; In-office collaboration for moments that matter is important to our culture, and we give managers and teams the flexibility to decide which 10+ days a month they come in. nbsp; /span /li li style= font-weight: 400; span style= font-weight: 400; Bi-weekly all-company meeting - business updates and ask me anything style discussion with our Leadership Team /span /li li style= font-weight: 400; span style= font-weight: 400; We come together for moments that matter which include team offsites, team bonding activities, happy hours and more! /span /li /ul p span style= font-weight: 400; Take Control of Your Finances /span /p ul li style= font-weight: 400; span style= font-weight: 400; Competitive salary, bonuses, and equity /span /li li style= font-weight: 400; span style= font-weight: 400; Competitive benefits that cover physical and mental healthcare, retirement, family forming, and family support /span /li li style= font-weight: 400; span style= font-weight: 400; Employee giving match /span /li li style= font-weight: 400; span style= font-weight: 400; Mobile phone stipend /span /li /ul p span style= font-weight: 400; Take Care of Yourself /span /p ul li style= font-weight: 400; span style= font-weight: 400; R amp;R days so you can rest and recharge /span /li li style= font-weight: 400; span style= font-weight: 400; Generous wellness reimbursement and weekly onsite amp; virtual programming /span /li li style= font-weight: 400; span style= font-weight: 400; Generous vacation policy - work with your manager to take time off when you need it /span /li li style= font-weight: 400; span style= font-weight: 400; Industry-leading parental leave policies. Family planning benefits. /span /li li style= font-weight: 400; span style= font-weight: 400; Catered lunches, fully-stocked kitchens with premium snacks/beverages, and plenty of fun events /span /li /ul p span style= font-weight: 400; em data-stringify-type= italic Benefits listed above are for full-time employees. nbsp; /em /span /p hr div em Ripple is an Equal Opportunity Employer. We’re committed to building a diverse and inclusive team. We do not discriminate against qualified employees or applicants because of race, color, religion, gender identity, sex, sexual identity, pregnancy, national origin, ancestry, citizenship, age, marital status, physical disability, mental disability, medical condition, military status, or any other characteristic protected by local law or ordinance. /em /div div nbsp; /div div em Please find our a href= https://ripple.com/legal/eu-privacy-notice/ target= _blank UK/EU Applicant Privacy Notice /a and our a href= https://ripple.com/legal/ca-applicant-privacy-notice/ target= _blank California Applicant Privacy Notice /a for reference. /em /div div hr /div /div