Search all jobs
Browse jobsColumbia, MD › Global Director, Risk & Compliance

Global Director, Risk & Compliance

Blend360 · Columbia, MD, United States · Posted Jul 8, 2026

Apply on company site   Track it in JobSkout

We are looking for a Director, Global Risk & Compliance to establish and lead the firm's first centralized risk management and compliance function. This role will build the enterprise risk framework, develop and implement global policies (AI governance, data privacy, vendor risk management, ESG compliance), manage the corporate insurance program, and coordinate compliance execution across all regions.

This role will serve as the client-facing risk leader, engaging directly with enterprise clients on compliance questionnaires, security assessments, and risk governance. The role partners closely with the VP of IT and Sr. Security Engineer to ensure the enterprise risk framework reflects both business and technology dimensions.

This is a governance and framework role, not a technical security engineering role. The Director defines risk policy and requirements ("what" and "why"); the Sr. Security Engineer implements at the infrastructure level ("how"). The two roles operate as complements with a clear boundary.

Core Responsibilities

Risk Management & Oversight

Partner with executive leadership to define Blend360's risk appetite and tolerance thresholds; translate those into a practical risk management framework with clear escalation protocols across all the global enterprise.

Create and maintain a master risk register that tracks business, operational, regulatory, and technology risks; record who owns each risk, its likelihood and potential impact, and how we'll address it

Run annual risk reviews across all regions and business units; use the external Global Risk Assessment (expected Q3 2026) to benchmark our findings

Design incident response procedures and lead after-incident reviews to track fixes to completion

Brief senior leadership quarterly on our risk position, new threats, and progress on mitigation efforts

AI Governance & Technology Risk

Create and maintain policies for how Blend360 uses AI, manages data, handles information security, and maintains business continuity

Partner with the AI Steering Committee to ensure AI is used responsibly both for client work and internal operations

Set standards for building and using AI models: establish rules around data quality, model performance, bias detection, and responsible use; translate regulatory requirements (EU AI Act, NIST AI RMF) into Blend360 standards

Work with the VP of IT and Sr. Security Engineer to assess risks in our technology infrastructure (AWS, Snowflake, client systems); document findings in the risk register and present to leadership

Track data safety across the company, from how it's collected and processed to how it's shared and moved across borders (for both client and internal data)

Review client projects for risks related to cloud, data, and AI components; provide risk-based recommendations to support legal review and deal decisions

Vendor & Third-Party Risk Management

Establish standards for evaluating vendor and partner risks; assess key technology providers (AWS, Snowflake), subcontractors, regional partners and any data processors

Set rules for how we safely integrate with and share data with vendors

Review the technical side of partnerships, acquisitions, and client solutions working with the VP of IT

Review all policies at least annually and maintain an update process when policies change

Insurance & Compliance Program

Manage Blend360's global insurance programs: professional liability, cyber, directors & officers, general liability, and any client-specific coverage

Manage broker relationships and lead annual insurance renewals

Lead SOC 2 compliance: own the audit relationship, framework, and track remediation; work with the Sr. Security Engineer on technical requirements

Oversee ESG compliance, including Mastercard requirements and sustainability reporting (SBTi, CDP)

Track regulatory changes across North America, Europe, and Latin America that affect Blend360 (GDPR, EU AI Act, data privacy laws, employment law)

Cross-Regional Coordination

Coordinate compliance across regions with legal leads: North America, Latin America, and EMEA

Work with VP Ops in Uruguay and India on compliance, employment law, and data protection at each office

Fill the EMEA compliance gap until dedicated legal resources are in place; own EMEA policies in the meantime

Partner with legal lead on Latin American regulatory issues; work with Legal & Compliance Analyst for on-the-ground support

Run quarterly compliance reviews with each region; track fixes and report status to the SVP Finance

Client-Facing Risk & Compliance

Represent Blend360 on risk and compliance matters with enterprise clients; engage directly with their security, procurement, and compliance teams

Handle client compliance questionnaires (security, privacy, ESG, AI governance) in partnership with IT, Security, and delivery teams

Create standard checklists for reviewing client contracts and define when to escalate

Support high-risk contract reviews; assess insurance, liability, indemnif…

Apply on company site