Remote | International

Director of Risk Compliance

About Toptal:

Toptal is a global network of top talent in business, design, and technology that enables companies to scale their teams, on-demand. With $100+ million in annual revenue and triple-digit growth, Toptal is the largest fully distributed workforce in the world.

We take the best elements of virtual teams and combine them with a support structure that encourages innovation, social interaction, and fun (see this video from The Huffington Post). We see no borders, move at a fast pace, and are never afraid to break the mold.

Position Description:

As the Director of Risk and Compliance, you will lead the strategic and tactical efforts to assess, monitor and protect Toptal from regulatory, operational and reputation risk. This role will partner with Legal, Security Operations, Engineering, Sales, Talent Operations, People Team, and Product teams to develop compliance and monitoring programs and processes. You will serve as the company knowledge expert on compliance requirements pertinent to our industry in a global environment, develop programs to meet the requirements, and make recommendations for building compliance programs into products owned by others. Your observations and related recommendations for solutions to areas of potential exposure will be shared at an executive level for determination of appropriate actions. Success in this role will be defined by efficient and effective avoidance of risk and adherence to global regulatory requirements.

This is a remote position that can be done from anywhere. We are unable to provide visa sponsorship at this time.

Responsibilities:

In this role, you will be responsible for performing a comprehensive company-wide risk assessment, identifying gaps and implementing prioritized solutions based on the level of exposure and/or impact. You will be establishing a new discipline and related internal strategies, policies, processes, procedures, and programs to prevent violations of law, rules and regulations. Your gap analysis and risk assessments will establish your priorities for risk prevention and remediation. You will be expected to maintain current knowledge, as the resident expert on compliance, regulations and other areas of risk that could have a negative impact to Toptal’s financial performance, brand reputation, and regulatory and/or operational risk exposure. Ongoing monitoring of processes, oversight and regular reporting to executives will be within your purview in order to ensure strong and continued controls and compliance.

Initial areas of focus will include:

  • Full company risk and gap assessment
  • Development of adequate control framework including performance of control testing and internal audits
  • Conducting a review and developing/updating policies and procedures to ensure process compliance (i.e. ethics, privacy, security)
  • Talent profile compliance, including identity verifications and audits
  • Compliance with anti-bribery and anti-corruption laws
  • Talent and Client contract circumvention issues
  • Suspicious activity detection and investigations
  • Global Worker Classification Compliance
  • Partnering with Legal for compliance with GDPR / Serbian Data Law / California Privacy Act / Privacy Acts; wiretapping laws, insurance reviews.
  • Partnering with Security Ops for platform access control and framework reviews

In the first week you will:

  • Onboard and integrate into Toptal.
  • Rapidly begin learning about Toptal’s history, culture, and vision.
  • Shadow key teams across the company to learn the core of Toptal’s operations and capabilities.

In the first month you will:

  • Inventory and document known regulatory compliance requirements
  • Inventory current risk and compliance policies and procedures
  • Research and identify applicable regulations pertinent to our industry and global presence

In the first three months you will:

  • Perform a full company and functional level risk assessment
  • Identify gaps in our risk and compliance environment
  • Become the primary GDPR expert, responding to requests and ensuring compliance
  • Prioritize and begin remediation and control efforts across Toptal

In the first six months you will:

  • Implement and formalize programs and policies that address prioritized risks
  • Implement control testing programs
  • Develop processes to address operational risk

In the first year you will:

  • Create a comprehensive risk and control framework and culture for Toptal that ensures regulatory adherence and operational risk mitigation for key areas

Requirements:

  • At least 7 years in a risk and compliance leadership role
  • Experience successfully developing risk and control assessments and related frameworks and programs for a medium-sized company
  • General knowledge of global privacy laws, Global Worker Classification and Compliance laws, and * OFAC compliance requirements, with an ability to research and interpret the intricacies in a global environment.
  • Experience developing fraud detection, prevention and investigative processes that have successfully reduced the risk exposure to organizations
  • Strong regulatory research and interpretation skills
  • Experience with auditing and risk management principles, with demonstrated analytical and complex problem-solving skills
  • Experience interfacing cross-organizationally to effectively implement compliance programs
  • Ability to interface with technical Product managers to implement system controls that strengthen our risk and control environment
  • Experience preparing and presenting effective proposals for risk mitigation strategies to executive teams
  • Excellent relationship-building and communications skills
  • Strong attention to detail
  • Possess broad business acumen
  • Knowledge of specific Talent industry and related regulations a plus
  • You must be a world-class individual contributor to thrive at Toptal. You will not be here just to tell other people what to do.