Senior Director – Governance, Risk and Compliance – Melbourne
Join us on our mission to make a better world of work.
Culture Amp is the world's leading employee-experience platform, revolutionising how 25 million employees across more than ***** companies create a better world of work.
We empower companies of all sizes and industries to transform employee engagement, drive performance management and develop high-performing teams.
Powered by people science and the most comprehensive employee dataset in the world, the most innovative companies – including Canva, On, Asana, Dolby, McDonald's and Nasdaq – depend on Culture Amp every day.
Culture Amp is backed by leading venture capital funds and has offices in the US, UK, Germany and Australia.
We have been recognised as one of the world's top private-cloud companies by Forbes and as one of the most innovative companies by Fast Company.
How you can help make a better world of work
As Senior Director, Risk & Compliance you will lead and strengthen our enterprise-wide risk and compliance strategy and operational execution.
You will embed a culture of risk awareness, operational resilience, and legal / regulatory compliance, supporting Culture Amp in achieving business outcomes and maintaining stakeholder trust.
You will ensure that our frameworks, policies and controls align with global standards such as GDPR, SOC 2, ISO *****, ISO ***** and regulatory obligations, while enabling innovation – including the responsible development of AI capabilities.
This role partners closely across the executive, board and functional leadership to set appetite, monitor, mitigate and report on key risks and drive continuous improvement.
Key Responsibilities
Own and continuously evolve Culture Amp's Risk Management Framework, ensuring our risk practices, appetite statement and controls underpin strategic objectives, regulatory expectations and stakeholder trust.
Facilitate forums and practices that effectively govern risk (e.g. Board and Management Risk Management Committees); drive regular forums for senior leadership to validate and monitor company-wide risks, including strategic, operational, financial, technology and regulatory risks.
Develop reporting packs for the Finance, Audit and Risk Governance Board sub-committee and the Board, ensuring transparency on key risks, compliance obligations and risk-based decisions.
Collaborate with functional risk owners to identify, assess and prioritise risks across the organisation, including financial, operational, cybersecurity, artificial intelligence and reputational risks.
Maintain oversight of risk registers and support functional risk owners to drive remediation plans, including cost-benefit analysis, in line with appetite and tolerance.
Partner across the business (customer, product, ops teams) to advise on the risk implications for emerging technology (e.g. Agentic AI), ensuring products and services are aligned to customer and regulatory obligations and within risk tolerance settings.
Oversee corporate compliance obligations – including training and tracking – ensuring staff complete mandatory requirements and are equipped to identify and respond to evolving threats (e.g. cybersecurity, fraud, business resiliency events).
Lead business resiliency and business continuity practice, including documenting and maintaining supporting documentation, continuous improvement and conducting at least annual simulations.
Foster a risk-aware culture throughout the organisation by promoting risk management education and awareness.
What you'll bring to Culture Amp
10+ years in risk management and compliance with at least 5 years of experience in a leadership role.
Track record leading risk and compliance for a high-growth, multi-national AI-led technology business (ideally SaaS/platform).
Familiarity with effective application of risk-management frameworks in technology/AI platform development and industries with privacy and data-protection obligations.
Proven leadership in building cross-functional risk forums / committees, delivering commercial outcomes in a risk-empowered context.
Strong knowledge of auditing standards (e.g. IIA Standards), risk-management frameworks (e.g. ISO *****, ISO *****) and compliance requirements (e.g. SOC 2, GDPR).
Experience in developing, implementing and managing an Enterprise Risk Management (ERM) program in alignment with organisational objectives.
Extensive background in ensuring compliance with laws, regulations and standards such as GDPR, SOC 2, ISO *****, ISO ***** and industry-specific regulations.
Experience with global operations, understanding how compliance and risk management differ across regulatory environments.
Strong ethical leadership, particularly in handling sensitive information and decisions with integrity.
Benefits
Employee Share Options Program – be an owner in Culture Amp.
Programs, coaching and budgets to help you thrive personally and professionally.
Access to external providers for mental wellbeing and coaching support.
Monthly Camper Life Allowance – an automatic allowance paid out with your monthly pay.
Team budgets dedicated to team-building activities and connection.
Intentional quarterly wellbeing pauses – a company-wide shutdown day in each region.
Extended year-end breaks – an extended refresh period at the end of the year.
Excellent parental leave and in-work support programme from day 1.
Five Social Impact Days a year to make a positive impact on the community.
MacBooks and a work-from-home office budget.
Medical insurance coverage for you and your family (US & UK only).
Commitment to Diversity, Equity and Inclusion
We have a strong commitment to Anti-Racism and endeavour to lead by example.
Every step we take as a business towards anti-racism is another step we can take to support our customers in making a better world (of work).
Learn more about our Anti-Racism commitments.
Why We Want to Hear From You
Research shows that candidates from under-represented backgrounds often don't apply for roles if they don't meet all the criteria – unlike majority candidates who meet significantly fewer requirements.
We strongly encourage you to apply if you're interested; we'd love to know how you can amplify our team with your unique experience.
If you decide to apply, we will ask you to complete voluntary diversity questions (excluding roles in Germany).
These questions are optional; your participation helps us build a more inclusive and equitable hiring process.
Your responses are entirely confidential and will not impact hiring decisions.
We reserve the right to contact you in the future for other opportunities.
We retain your CV and personal information for four years (two years for non-US applicants) from the date of application completion.
For further information, please see our privacy policy or contact us.
Culture Amp is committed to providing equal employment opportunities to all employees and applicants for employment regardless of race, colour, religion, creed, age, national origin or ancestry, ethnicity, sex, sexual orientation, gender identity or expression, disability, military or veteran status, or any other category protected by federal, state or local law.
Application Process
Thank you and good luck with your application.