Job description
Who we are
About Stripe
Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.
About the team
The Stripe Security team is dedicated to improving the security of Stripe and its users. Our users trust us with some of their most sensitive information, and we make security a first-class consideration in everything we do. Security concerns are ever-evolving, creating an extremely dynamic environment for the Security team.
The Security Governance, Risk, and Compliance (SGRC) team at Stripe provides security governance, risk management, and compliance capabilities to allow Stripe to make strategic security decisions, measure our risk and control posture, and represent Stripe Security to internal & external entities. The successful operation of our organization accelerates Stripe by optimizing the communication and expectations of our security program.
What you’ll do
We are seeking an experienced Security Governance, Risk, and Compliance (GRC) Program Manager to join our team. In this role, you will lead the development and implementation of our security GRC initiatives, ensuring robust governance, risk management, and compliance processes are in place to protect company assets and data.
As a key player in our security team, you will work collaboratively to enhance our security posture and drive strategic initiatives in alignment with industry best practices and regulatory requirements. The ideal candidate will be adaptable and can find structure in an evolving and maturing organization.
In this role, you will act as a proxy between external entities like regulators and auditors, and our internal security teams, ensuring consistency in compliance responses and helping maintain a lean and effective compliance program.
Responsibilities:
- Act as an information security subject matter expert during cross-functional audit engagements.
- Participate in and support audit walkthrough meetings on behalf of the Security team.
- Serve as an internal liaison (proxy) between Technology GRC and the Security organization to ensure audits are managed effectively.
- Perform various security risk & control assessments against common security frameworks to ensure compliance with Stripe’s Information Security Policy & Standards.
- Create and maintain a central repository of audit evidence artifacts needed for compliance with SOC 2, PCI DSS, SOX, and other global regulatory standards.
- Facilitate security support for Stripe’s legal entities with regulatory compliance obligations.
- Collaborate with and support conversations with key stakeholders to track and report on control remediation efforts.
- Maintain strong relationships across executive teams and technical collaborators.
- Support acquisitions with security GRC-related programs.
- Support the overall GRC team program initiatives, including policy writing, security awareness training, and third-party security risk assessments.
Who you are
We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.
Minimum requirements
- You are a subject matter expert in information security frameworks, practices, policies, standards and procedures (e.g. NIST CSF, SOC 2, PCI DSS, ISO 27001/2 or equivalent).
- 6+ years of experience in Security Governance, Risk, and Compliance (GRC) or Technology Compliance roles with a robust understanding of audit processes.
- Exposure to global regulatory requirements (e.g., DORA, FFIEC, EBA, NYDFS) and their integration into compliance programs.
- Proven track record in leading GRC initiatives and managing large-scale security programs.
- Experience in conducting security audits and ensuring compliance with regulations.
- Strong project management skills with proficiency in coordinating security assessments and managing multiple stakeholder engagements.
- Excellent communication skills, capable of building strong relationships at all levels, from executive discussions to technical team collaboration.