Director, Product Risk and Compliance

Discord's Legal team is looking for a Director, Product Risk and Compliance to lead our global product compliance function, focusing on privacy, safety, security, and consumer protection. This is a senior leadership role: you’ll be Discord's internal voice on what our product risk and compliance posture actually looks like — and what we should do about it. This role requires both operational rigor — building the systems and rhythms that keep us ahead of our obligations — and genuine subject matter depth across privacy, safety, and security compliance. It reports to Discord's Senior Director, Product Law. This role can be based in the San Francisco Bay Area, New York City, or Washington, DC.

What you'll be doing

• Lead three teams — privacy compliance, safety and revenue compliance, and security GRC — bringing them under a unified operating philosophy and setting clear direction on priorities, maturity targets, and program development
• Partner with product and engineering teams to identify and navigate compliance obligations and build sustainable controls — providing substantive guidance on privacy, safety, and security requirements
• Own Discord's product risk registers across privacy, safety, and security — identifying and tracking risks, driving consistent risk scoring, and leading remediation and gap-closing efforts in partnership with the business
• Build and maintain a control library and compliance maturity framework that gives us a clear picture of where we are and where we need to go — and helps us get there in a prioritized way
• Produce risk and compliance reporting calibrated to different audiences inside the company, from team leads to senior leadership, feeding into Discord's broader enterprise risk processes
• Lay the foundation for audits and potential certifications (SOC 2, ISO 27001, and others as they arise)
• Work cross-functionally across Product, Engineering, Security, Policy, and Trust & Safety to make sure compliance considerations are integrated into planning processes and how we build our product
• Serve as a credible, trusted voice on product risk and compliance at every level of the company — able to walk into a room with senior leadership and make the case for what matters, what doesn't, and what realistic progress looks like

What you should have

• 12+ years of experience in compliance, risk management, or a related field, with demonstrated experience leading compliance functions across multiple subject matter areas — not just running a single-subject program
• Breadth across at least two of our core domains: privacy (GDPR, CCPA, and global privacy frameworks), online safety and content regulation (DSA, COPPA, children's safety laws), or security compliance (SOC 2, ISO 27001, NIST CSF)
• Experience owning risk registers, building and maintaining control libraries, setting maturity targets, and producing risk reporting for different audiences
• Experience managing teams across multiple compliance disciplines, with the people management and prioritization skills to lead a function of seven or more people across three distinct areas
• Strong executive communication skills — able to represent our risk and compliance posture clearly and credibly to senior leadership, make realistic tradeoffs out loud, and bring stakeholders along without overpromising
• A real point of view on how compliance programs should be built and run, and the ability to adapt that philosophy to Discord's stage, culture, and risk profile
• Comfort operating in a fast-moving environment with incomplete information — this person cannot be paralyzed waiting for certainty

Bonus Points

• Experience at a consumer-facing technology platform with significant regulatory complexity and scale
• Direct experience building or maturing a compliance program from an early stage, including selecting and implementing GRC tooling and moving from manual to automated compliance processes
• Familiarity with AI governance frameworks (EU AI Act, ISO 42001) and payments compliance
• JD or legal background
• Experience in gaming, social platforms, or communications technology

Candidates must reside in or be willing to relocate to the DC area.

The US base salary range for this full-time position is $260,000 to $325,000+ equity + benefits. Our salary ranges are determined by role and level. Within the range, individual pay is determined by additional factors, including job-related skills, experience, and relevant education or training. Please note that the compensation details listed in US role postings reflect the base salary only, and do not include equity, or benefits.