Director of Risk and Compliance
Toptal is a global network of top freelance talent in business, design, and technology that enables companies to scale their teams on demand. With $100+ million in annual revenue and over 40% year-over-year growth, Toptal is the world’s largest fully remote company.
We take the best elements of virtual teams and combine them with a support structure that encourages innovation, social interaction, and fun. We see no borders, move at a fast pace, and are never afraid to break the mold.
As the Director of Risk and Compliance, you will lead the strategic and tactical efforts to continually assess, monitor and protect Toptal from regulatory, operational, security, and reputation risk. This role will partner with Legal, Security Operations, Engineering, Sales, Talent Operations, People Team, and Product teams to administer and enhance compliance and monitoring programs and processes.
Reporting to the Chief Administrative Officer, you will serve as the leader of and company knowledge expert on compliance and investigations pertinent to our industry in a global environment. This is a hands-on role that will develop and enhance programs to meet requirements, and ensure process compliance.
Your observations and related recommendations for solutions to areas of potential or increased exposure will be shared at an executive level for determination of appropriate actions. Success in this role will be defined by excellent decision-making and process execution that leads to efficient and effective avoidance of risk within the company risk tolerance.
This is a remote position that can be done from anywhere. Due to the remote nature of this role, we are unable to provide visa sponsorship. Resumes and communication must be submitted in English.
As Director of Risk and Compliance, you will assume an important player-coach role in leading the Risk and Compliance function at a hyper-growth company. You will be responsible for continually reviewing and enhancing the comprehensive company-wide risk assessment, identifying gaps and implementing prioritized solutions based on the level of exposure and/or impact. You will ensure existing processes are followed while enhancing internal strategies, policies, processes, and programs to prevent violations of law and maintain the integrity of our Talent network.
As the Director, you will continue to move toward enhancing the discipline with preventative measures in addition to reactive processes. Daily, you will be expected to exercise your strong judgment, excellent decision-making and execution skills. Leveraging your broad experience across diverse functions will be critical to success. Your daily tasks and oversight may range from leading fraud and security investigations to completing data deletion requests associated with GDPR.
This role serves as the resident expert on compliance, regulations and other areas of risk that could have a negative impact on Toptal’s financial performance, brand reputation, and regulatory and/or operational risk exposure. Ongoing leadership and monitoring of processes, oversight and regular reporting to executives will be within your purview in order to ensure strong and continued controls and compliance.
Initial areas of focus will include:
- Review of the company risk and gap assessment for enhancements and opportunities within company risk profile.
- Review and develop/update policies and procedures to ensure efficiencies and process compliance (i.e. privacy, security, investigations).
- Talent profile compliance, including identity verifications and audits.
- Talent and Client contract circumvention detection and remediation.
- Leadership of suspicious activity and possible data breach detection, and related investigations.
- Global Worker Classification program administration, training, and execution.
- Partnering with Legal on compliance with GDPR, the California Privacy Act, and other privacy acts, as well as wiretapping laws and insurance reviews.
- Partnering with Security Ops to ensure a strong information security environment, avoid potential data breaches, and ensure prudent platform access controls.
- Development of adequate control framework including the performance of control testing and internal audits.
In the first week, expect to:
- Onboard and integrate into Toptal.
- Rapidly begin learning about Toptal’s history, culture, and vision.
- Shadow key teams across the company to learn the core of Toptal’s operations and capabilities.
In the first month, expect to:
- Review existing risk assessments.
- Review, inventory and comprehend current risk and compliance policies and procedures.
- Begin to assume responsibility for current GDPR, GWCP, and investigations actions and decisions.
In the first three months, expect to:
- Further structure the risk and compliance discipline to ensure deep knowledge capabilities and capacity in a high growth environment.
- Become the primary GDPR and GWCP expert, responding to requests and ensuring compliance.
- Lead suspicious activity and data security investigations.
- Develop control testing programs.
In the first six months, expect to:
- Refine, enhance and implement proactive and risk avoidance processes.
- Fully execute upon control testing programs.
- Develop enhanced processes to address operational risk.
In the first year, expect to:
- Ensure an enhanced and efficient comprehensive risk and control framework and culture for Toptal that ensures regulatory adherence and operational risk mitigation for key areas.
Requirements:
- At least 7 years in a risk and compliance leadership role.
- Experience successfully developing or enhancing an existing risk and control program, and related frameworks for a medium-sized company.
- Possess knowledge of global privacy laws, Global Worker Classification and Compliance laws, and OFAC compliance requirements, with an ability to research and interpret the intricacies in a global environment.
- Experience developing and leading fraud detection, prevention and investigative processes that have successfully reduced the risk exposure to organizations.
- Strong regulatory research, judgment, decision-making and interpretation skills.
- Experience with auditing and risk management principles, with demonstrated analytical and complex problem-solving skills.
- Experience interfacing cross-organizationally to effectively implement risk and compliance programs.
- Ability to interface with technical Product managers to implement system controls that strengthen our risk and control environment.
- Experience preparing and presenting effective proposals and outcomes related to risk mitigation strategies to executive teams.
- Excellent relationship-building and communications skills.
- Strong attention to detail.
- Possess broad business acumen.
- Knowledge of specific Talent industry and related regulations a plus.
- You must be a world-class individual contributor to thrive at Toptal. You will not be here just to tell other people what to do.