• Review and interpret security-related contractual obligations to ensure alignment with the ISMS. • Ensure the ISMS is implemented in accordance with the country’s legal and regulatory requirements. • Coordinate directly with Asset Owners and internal teams to define and implement security controls, processes, and tools. • Support the SOC in investigations and remediation actions for incidents or policy violations. • Collaborate with Data Protection Officers to perform impact assessments and ensure compliance with local data protection laws. • Report to the Regional ISO and the CISO on the effectiveness of security controls and the level of compliance. • Support Asset Owners in client compliance programs. • Coordinate activities to ensure continuity of operations within the defined scope (client, country, program, or department). • Support planning and execution of response and recovery actions in case of disruptions. • Ensure proper documentation of incidents and collaborate with teams involved in crisis situations. • Maintain alignment with client contractual requirements and obligations. • Facilitate communication with internal and external stakeholders when necessary. • Contribute to the continuous improvement of continuity and recovery plans.

Role DescriptionDropbox is expanding its capabilities in AI-powered security, content access governance, and data loss prevention (DLP) to help SMB and mid-market businesses secure and manage their content with enterprise-grade protection. Following our acquisition of Nira, we have taken the first steps to integrate its data access governance technology into Dropbox Dash. Now, we are focused on deepening this integration across the Dropbox portfolio and expanding our security offering in the broader data access governance, DLP and AI Security markets. We are looking for a Staff Product Manager to lead this next phase — defining the strategy and key capabilities, shaping the roadmap, and scaling a new security business within Dropbox. This is a 0 → 1 opportunity to establish Dropbox as a leader in AI and Data security for SMBs and mid-market companies, bringing AI-driven access governance, insider risk protection, and compliance automation to businesses that need it most. Responsibilities - Build next-generation security products – Shape and deliver innovative solutions by integrating Nira’s governance capabilities into Dropbox and driving a standalone security offering for the broader market. - Lead an AI-driven roadmap – Define and launch intelligent features that use AI and automation to streamline access control, enforce real-time DLP, and proactively detect security risks. - Expand Dropbox’s impact in the market – Identify opportunities in the SMB and mid-market security space, craft a clear product vision, and accelerate adoption with a differentiated value proposition. - Deliver breakthrough product experiences – Partner with engineering and design to launch automated access reviews, AI-powered security insights, and compliance workflows that raise the bar on security. - Turn insights into action – Work directly with customers to uncover their toughest data governance and AI security challenges, and translate those needs into high-impact product features. - Drive seamless execution – Collaborate across engineering, security, compliance, and go-to-market teams to launch products that meet global standards (SOC 2, ISO 27001, GDPR, etc.) and delight customers. Requirements - Hands-on Security Product Expertise – 10+ years of product management experience, including 3+ years building solutions in Access Governance, DLP, DSPM, SSPM, or AI Security. - BS/MS in Computer Science, Engineering, Business, Information Systems, Applied Math or Statistics, or relevant experience. - Deep Domain Knowledge – Experience tackling data and IP protection challenges, especially in Access Management and DLP for Google Workspace, Microsoft OneDrive, Dropbox, Box, or similar SaaS platforms. - Customer-First Mindset – Passion for solving real customer pain points, with a track record of shipping security products that are powerful yet simple to use. - Proven 0 → 1 Builder – You’ve taken security products from idea to launch, driving adoption and impact in environments ranging from enterprise SaaS to fast-moving startups. - AI + Security Innovation – Experience applying AI/ML to security challenges—automating access controls, detecting risks, and strengthening data protection. - Cross-Functional Partner – Comfortable working side by side with engineering, security, GTM, and legal teams, blending technical know-how with product vision to ship great outcomes. Preferred Qualifications - Experience in building and scaling data ingestion systems and data platforms, - Experience working with AI/SaaS products or platforms such as ChatGPT, Gemini, Claude and understanding of data security risks with using AI and SaaS products. - Exposure to access and data security challenges and solutions for using AI agents in enterprise. CompensationUS Zone 1 This role is not available in Zone 1 US Zone 2 $212,700—$287,700 USD US Zone 3 $189,000—$255,800 USD

Role Description Incumbent serves as a Aviation Safety Technician (AST) in a Flight Standards Office providing technical support to Aviation Safety Inspectors (ASIs) and the public. Performs or assists with a wide range of certification, surveillance, and investigation duties requiring research and evaluation in accordance with current FAA safety directives/orders. Tasks are performed following prescribed or established procedures to assist inspectors, investigators, and Flight Standards program officials in their fact-finding or program administration responsibilities and requires basic evaluative judgment. The work performed falls primarily in one of the following categories: - Inspections: Determinations based on visual or other specific inspection techniques, governed by specific procedures. - Technical support: Searching for, gathering, screening, and providing factual information related to inspections or investigations. Duties and Responsibilities - Technical Administration: Provides technical knowledge and support to aviation safety inspectors, the general public, stakeholders, and airmen regarding a wide variety of aviation-related topics. - Extracts safety data and information from FAA records to identify trends affecting aviation safety. - Provides technical assistance and/or support with certification, surveillance, investigation, and/or enforcement, including: - Certification Support: - Provides technical support to ASIs during certification of operators and air agencies. - Reviews airmen certification files for accuracy. - Reviews inspection authorization files for renewal eligibility. - Conducts Operational Color Vision Tests. - Reviews designee management system to determine renewal eligibility. - Compiles data for technical reports. - Surveillance Support: - Assists ASIs with surveillance of aviation events. - Assists in drafting and issuing waivers and authorizations. - Investigation Support: - Drafts Enforcement Investigative Reports (EIR) for review and final approval by an ASI. - Acts as the Point of Contact (POC) for safety assets (PPE) related to accident investigations. - Enforcement Support: Responsible for enforcement functions including conducting violations, voluntary disclosure, suspect illegal charters, incidents, navigation, and altitude deviation investigations. Qualifications - At least one year (52 weeks) of specialized experience equivalent to the (FG/GS-8) level. - Experience gathering and compiling aviation safety data. - Experience analyzing aviation safety information for identifying trends. - Experience preparing technical reports and documents. - Experience conducting or assisting in aviation investigations such as complaints, occurrences, incidents, accidents, and/or violations. - Technical training and/or certification experience applicable to a regulatory aviation environment is preferred. Requirements - US Citizenship is required. - Selective Service Registration is required for males born after 12/31/1959. - Must submit an SF50 (See Required Documents). - Security Requirement: Moderate Risk (5). Completion and favorable adjudication of a background investigation prior to appointment is required. Benefits - Comprehensive benefits package for federal employees. - Access to a range of benefits designed to make your federal career rewarding.

• Provide expert security engineering support to ensure that the NADACS portfolio adheres to DoD and Army cybersecurity policies and frameworks. • Assist in the design, assessment, and implementation of security controls to ensure system compliance with regulatory requirements, such as Risk Management Framework (RMF) and FedRAMP. • Analyze and document existing systems and processes to identify areas for security enhancements and recommend improvements across the NADACS Portfolio. • Collaborate with Program Management Office (PMO) leadership to integrate security requirements within four primary Levels of Effort (LoEs): Staffing, Contract Management, Corporate Governance, and Onboarding/Offboarding efforts. • Perform security assessments and audits to track and monitor compliance with cybersecurity guidelines and training requirements. • Ensure cybersecurity documentation and deliverables are accurate, complete, and delivered according to client and regulatory standards. • Develop alternative information security strategies to address and meet organizational security objectives. • Foster strong relationships with technical stakeholders, clients, and vendors to address and resolve security-related challenges effectively.