
Director of Governance, Risk and Compliance at Bill.com
Palo Alto, CA, US
Bill.com is a leader in financial process automation for small businesses and mid-size companies. Making it simple to connect and do business, the Bill.com Back Office Cloud digitizes, automates and simplifies legacy payment and financial processes. With an integrated, end-to-end platform, Bill.com leverages artificial intelligence to reduce manual work, and provides a cloud workspace to help run your business anytime, anywhere. The company partners with four of the largest U.S. financial institutions, more than 70 of the top 100 U.S. accounting firms, and major accounting software providers. Bill.com manages more than $70B in annual payment volume across ACH, virtual cards, checks, and international payments. The company has offices in Palo Alto, California and Houston, Texas. For more information, visit www.bill.com or follow @billcom.
 
Mission: Ensure that Bill.com remains compliant with all applicable laws, regulations and regulatory guidance.
 
This hands-on leader will be responsible for ensuring that Bill.com remains compliant with all applicable laws, regulations and regulatory guidance by planning, overseeing, coordinating and delivering the activities that support successful internal audits, external compliance and regulatory activities. The Director of GRC is responsible for managing enterprise-wide compliance requirements, including vendor management, regulatory developments, risk assessments and compliance monitoring/testing. Areas of focus include ongoing internal audits, annual compliance and regulatory activities with Security Assessors, Technology Risk, and Enterprise Risk.
 
Responsibilities:
●      Provide leadership and oversight for compliance programs
●      Design and build regulatory compliance risk assessments
●      Lead 3rd party and internal audits
●      Advise management on risk assessment processes and provide guidance in the design and development of processes and controls to manage risks
●      Present assessments of risk, controls, and overall strategy to senior engineering leaders and executives
●      Partner with business leaders to ensure timely identification, reporting, mitigation and resolution of existing and emerging compliance risks and issues
●      Oversee, develop and track compliance monitoring metrics, key performance indicators, and key risk indicators to ensure a consistent framework, standards and risk tolerances are followed. Continuously evaluate both business and compliance processes and procedures to drive effectiveness and efficiency.
●      Monitor regulatory changes and track plans to implement new regulatory requirements across the organization
●      Work with cross-functional leaders to ensure appropriate and timely changes are made in a consistent, company-wide fashion
●      Maintain a broad compliance skill set, with particular focus on consumer regulations and best practices for the management of compliance risk
●      Oversee compliance of Third Party Suppliers/Vendors
 
Professional Experience/Background to be successful in this role:
●      Compliance and regulatory knowledge in the banking, technology and software industry
●      Leadership roles in Cybersecurity, Audit, Risk, and/or Compliance
●      Participation and experience across various regulations and common industry security policy areas
 
Qualifications:
●      Demonstrated compliance and regulatory knowledge in the banking, technology and software industry
●      Excellent communication skills, both written and verbal. Able to present to senior executives, engineers and the company.
●      Demonstrated ability to translate regulatory standards into technical requirements
●      Bachelor’s Degree in Information Systems Management (or a related field) or equivalent work experience
●      Must have 10+ years of overall work experience with at least 3 years in leadership roles in Cybersecurity, Audit, Risk, and/or Compliance
●      Must have 5+ years of direct participation and experience across various regulations and common industry security policy areas, including, but not limited to, ISO, NIST, COSO, COBIT, PCI, FFIEC, SOX, SSAE16, GDPR and others
●      CISSP, CISA Certifications preferred
●      Some travel to visit partners may be required.
 
Competencies (Attributes needed to be successful in this role):
●      Values - Ethical & Principled, Fair & Modest, Diligent & Proactive
●      Ability to translate regulatory standards into technical requirements
●      Must have great people and communication skills
●      Staying on top of a constantly changing regulatory landscape
●      Tech savviness and learning agility
●      Firm grasp of the company's business, goals and culture
●      Ability to make good judgements
 
Expected Outcomes in 12 months:
3 months:
●      Transition into leading current compliance efforts and program
●      Diagnose compliance infrastructure: Identify compliance risks to the business and classify them as well managed, not managed at all, or in between, with the effort/controls needed to fill the gaps. Identify the riskiest practices at Bill.com that can have the biggest effect on the business. Prepare a plan to address identified gaps in compliance & risk
●      Present and achieve alignment with the Bill.com leadership team on the gaps and purpose of this role
●      Achieve alignment across leadership on the gaps and purpose of this role
6 Months:
●      Achieve alignment on priority, controls and responsibilities
●      Start executing on the plan to address identified gaps by building and improving upon the current compliance program
12 Months:
●      Accelerate and proactively start planning for upcoming regulations that can have a significant impact on the business
●      Regularly measure and report progress showing a gradual reduction of compliance risk
 
Bill.com Culture:
●      Humble – No ego
●      Fun – Celebrate the moments
●      Authentic – We are who we are
●      Passionate – Love what you do
●      Dedicated – To each other and the customer