Robinhood - Communications Compliance Senior Specialist

• Risk strategy and governance: Define and mature the crypto risk management strategy and operating model. Establish and refine risk policies, standards, and procedures. Run governance and committee reporting for risk management. • Risk strategy and governance: • Risk appetite and metrics: Own the Risk Appetite Statements for Crypto entities and implement a comprehensive KRI framework with thresholds, alerts, and escalation paths. • Risk appetite and metrics: • Enterprise and product risk assessments: Lead RCSAs, Enterprise Risk Assessments, and Product/Change Risk Assessments (i.e. new feature launches like staking, and significant process/technology changes). Coordinate sufficient approvals and control implementation pre-launch. • Enterprise and product risk assessments: • Issue, incident, and control management: Oversee issues and remediation plans end-to-end; run post-incident reviews with root-cause analysis and durable corrective actions; partner with first-line owners and Internal Audit on control design, testing, and continuous monitoring. • Issue, incident, and control management • Analytics and reporting: Build executive-ready dashboards and monthly/quarterly risk reports in collaboration with data teams (e.g., Superset, Looker); deliver crisp insights, trends, and calls to action to crypto and enterprise leadership; prepare materials for Board/committee updates as needed. • Analytics and reporting • Regulatory and audit interface: Serve as a primary risk counterpart for regulatory examinations and supervisory touchpoints (e.g., NYDFS/BitLicense, state regulators, and MiCA/DORA); coordinate requests, evidence, and responses; manage findings and remediation to closure. • Regulatory and audit interface: • Enterprise resilience: Own and scale Business Impact Analyses (BIAs), Business Continuity Planning (BCP), Disaster Recovery Planning (DRP), and exercise/testing cycles; ensure alignment with the Robinhood-wide enterprise resilience standards and program roadmap. • Enterprise resilience: • Technology, security, and vendor risk partnership: Partner with Security, Engineering, and Vendor Management on access/change management, third-party risk, custody partner oversight, and blockchain infrastructure risks; drive risk-by-design principles across the lifecycle. • Technology, security, and vendor risk partnership • GRC tooling and process excellence: Define requirements and drive effective use of GRC tooling for assessments, issues, KRIs, and reporting; automate where possible and continually improve process efficiency and scalability. • GRC tooling and process excellenc • Team leadership: Build and develop a small, high-performing team; set clear goals and operating rhythms; coach for impact; manage budget, vendor relationships, and hiring. • Team leadership: