Senior Security Policy Management Lead

About the role

As the Security Policy Management Lead, you will play a critical role in shaping and maintaining the foundation of our enterprise’s security and privacy governance. You will own the lifecycle of our corporate-wide security and privacy policies, standards, and procedures—ensuring they remain current, actionable, and aligned with industry trends, evolving regulatory expectations, and business needs. This role is central to how our organization manages technology-related risk, working cross-functionally with policy owners, subject matter experts, corporate compliance, and enterprise risk management teams to build and sustain a robust governance framework.

Beyond policy upkeep, you'll lead the security exception program—tracking temporary deviations from policy and ensuring each exception is evaluated, documented, and resolved in a risk-informed manner. Success in this role requires a strong understanding of the interplay between technology, security, and privacy, paired with exceptional organizational skills and a passion for problem-solving.

You will champion efficiency in policy management processes, identify bottlenecks, and proactively drive improvements through both collaboration and automation. Your ability to build strong partnerships across technical, legal, compliance, and governance teams will be vital in supporting Robinhood secure and continued growth.

While this role is currently an individual contributor within the Robinhood Security Risk and Resilience organization, you will build a cross divisional team of experts and partners to deliver on the program objectives. As the company grows and needs are identified you may be asked to build and supervise a small team.

Your day-to-day will involve:

• Assessing the current state of governance documentation and exception processes and creating a detailed plan to deliver the objectives of the program
• Collaboratively editing policies, standards, operational procedures
• Meeting with partners to review and obtain approvals for policies and standards
• Partnering with our Security Risk Assessment teams to validate policy supporting controls and efficient exception documentation
• Tracking regulations and industry trends to incorporate into our policy documents as needed

About you:

• Bachelor's degree or equivalent experience in Computer Science, Engineering, Information Systems, Finance, or related fields
• 5+ years of experience in governance, risk, and compliance (GRC) roles with a focus on Policy and Standards compliance.
• Experience writing security and engineering policies and standards
• Experience building sophisticated cross-functional programs
• Excellent technical writing skills

Bonus points:

• Experience working in a fast paced technology focused company
• Experience in a highly regulated environment and/or public companies
• Experience with adapting off-the-shelf GRC tools to program needs
• CISSP, CISM, ISSMP, or similar certification
• Team lead experience and interest in building teams

Client-provided location(s): Toronto, Canada

Job ID: 6983094

Employment Type: OTHER

Posted: 2025-06-18T23:34:42