Program Manager, Security GRC at Stripe

We are redirecting you to the source. If you are not redirected in 3 seconds, please click here.

Program Manager, Security GRC at Stripe. Location Information: Remote. . Who we are. . About Stripe. . Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.. . About the team. . The Stripe Security team is dedicated to improving the security of Stripe and its users. Our users trust us with some of their most sensitive information, and we make security a first-class consideration in everything we do. Security concerns are ever-evolving, creating an extremely dynamic environment for the Security team.. . The Security Governance, Risk, and Compliance (SGRC) team at Stripe provides security governance, risk management, and compliance capabilities to allow Stripe to make strategic security decisions, measure our risk and control posture, and represent Stripe Security to internal & external entities. The successful operation of our organization accelerates Stripe by optimizing the communication and expectations of our security program. . . What you’ll do. . We are seeking an experienced Security Governance, Risk, and Compliance (GRC) Program Manager to join our team. In this role, you will lead the development and implementation of our security GRC initiatives, ensuring robust governance, risk management, and compliance processes are in place to protect company assets and data. . . As a key player in our security team, you will work collaboratively to enhance our security posture and drive strategic initiatives in alignment with industry best practices and regulatory requirements. The ideal candidate will be adaptable and can find structure in an evolving and maturing organization.. . In this role, you will act as a proxy between external entities like regulators and auditors, and our internal security teams, ensuring consistency in compliance responses and helping maintain a lean and effective compliance program.. . Responsibilities:. . . Act as an information security subject matter expert during cross-functional audit engagements.. . Participate and support audit walkthrough meetings on behalf of the Security team.. . Serve as an internal liaison (proxy) between Technology GRC and the Security organization to ensure audits are managed effectively.. . Perform various security risk & control assessments against common security frameworks to ensure compliance with Stripe’s Information Security Policy & Standards, . . Create and maintain a central repository of audit evidence artifacts needed for compliance with SOC 2, PCI DSS, SOX, and other global regulatory standards.. . Facilitate security support for Stripe’s legal entities with regulatory compliance obligations.. . Collaborate with and support conversations with key stakeholders to track and report on control remediation efforts.. . Maintain strong relationships across executive teams and technical collaborators.. . Support acquisitions with security GRC related programs. . Support the overall GRC team program initiatives, including policy writing, security awareness training, and third-party security risk assessments.. . . Who you are. . We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.. . Minimum requirements. . . You are a subject matter expert in information security frameworks, practices, policies, standards and procedures (e.g. NIST CSF, SOC 2, PCI DSS, ISO 27001/2 or equivalent). . 6+ years of experience in Security Governance, Risk, and Compliance (GRC) or Technology Compliance roles with a robust understanding of audit processes. . Exposure to global regulatory requirements (e.g., DORA, FFIEC, EBA, NYDFS) and their integration into compliance programs.. . Proven track record in leading GRC initiatives and managing large-scale security programs. . Experience in conducting security audits and ensuring compliance with regulations.. . Strong project management skills with proficiency in coordinating security assessments and managing multiple stakeholder engagements.. . Excellent communication skills, capable of building strong relationships at all levels, from executive discussions to technical team collaboration. . . Working remotely at Stripe . A remote location, in most cases, is defined as being 35 miles (56 kilometers) or more from one of our offices. While you would be welcome to come into the office for team/business meetings, on-sites, meet-ups, and events, our expectation is you would regularly work from home rather than a Stripe office. Stripe does not cover the cost of relocating to a remote location. We encourage you to apply for roles that match the location where you currently or plan to live. . Pay and benefits . . The annual US base . salary. range for this role is $161,300 - $241,900. For sales roles, the range provided is the role’s On Target Earnings ("OTE") range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role. This salary range may be inclusive of several career levels at Stripe and will be narrowed during the interview process based on a number of factors, including the candidate’s experience, qualifications, and location. Applicants interested in this role and who are not located in the US may request the annual salary range for their location during the interview process. . . Additional benefits for this role may include: equity, company bonus or sales commissions/bonuses; 401(k) plan; medical, dental, and vision benefits; and wellness stipends.. . We look forward to hearing from you . At Stripe, we're looking for people with passion, grit, and integrity. You're encouraged to apply even if your experience doesn't precisely match the job description. Your skills and passion will stand out—and set you apart—especially if your career has taken some extraordinary twists and turns. At Stripe, we welcome diverse perspectives and people who think rigorously and aren't afraid to challenge assumptions. Join us..