Staff Program Manager, Security GRC

Who we are

About Stripe

Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.

About the team

The Stripe Security team is dedicated to improving the security of Stripe and its users. Our users trust us with some of their most sensitive information, and we make security a first-class consideration in everything we do. Security concerns are ever-evolving, creating an extremely dynamic environment for the Security team.

The Security Governance, Risk, and Compliance (GRC) team's mission is to develop and maintain a comprehensive security framework that aligns with industry standards and regulatory requirements. We establish clear policies, identify and mitigate risks, and ensure security compliance across the organization. Our team plays a crucial role in demonstrating our robust security posture to auditors and regulators, maintaining compliance, and assessing and managing security risks.. 

About the role

We are seeking an experienced Staff Program Manager to join our Security GRC team. This role will serve as a technical lead and key advisor to the Head of Security GRC, playing a crucial part in shaping and implementing Stripe's security governance, risk, and compliance strategies.

The ideal candidate will be a strategic thinker, a collaborative leader, and an expert in translating complex security concepts into practical, business-aligned solutions.

Key Responsibilities:

  • Act as a senior technical lead and advisor on Security GRC specific challenges, providing expert guidance to team members and stakeholders.
  • Lead and execute complex, cross-functional security GRC projects, ensuring alignment with Stripe's overall security objectives.
  • Drive the evolution and implementation of Stripe's security frameworks, policies, and standards.
  • Oversee the assessment and remediation of security control gaps across the organization.
  • Develop and implement scalable and efficient processes for the security GRC program.
  • Collaborate with cross functional stakeholders to ensure compliance with local regulatory security requirements and regulations.
  • Provide strategic input on board-level reporting for security matters across Stripe's global entities.
  • Support the Security GRC Manager in high-visibility, low-maturity projects that require senior-level expertise.
  • Operate autonomously leading large-scale efforts across multiple teams and functions, with stakeholders in different disciplines across time zones
  • Develop, define, and report on the team’s program health and success metrics to provide insights to management to help drive strategic direction
  • Mentor and guide junior team members, fostering a culture of continuous improvement and knowledge sharing.

Minimum requirements

  • Strong background and deep knowledge in information security governance, risk and compliance domains
  • Subject matter expert in information security frameworks, practices, policies, standards and procedures (e.g. NIST CSF, ISO 27001/2 or equivalent) 
  • Experience designing, implementing and operating programs for Security Governance, Compliance, and Risk Management
  • You have experience driving mid to large-scale projects and programs from start to finish within highly complex operating environments
  • You have strong written and verbal communication skills, building strong relationships at all levels of the organization from executives to project teams
  • Knowledge of how to use data to influence program strategy and tell compelling stories about organizational effectiveness and impact

Working remotely at Stripe

A remote location, in most cases, is defined as being 35 miles (56 kilometers) or more from one of our offices. While you would be welcome to come into the office for team/business meetings, on-sites, meet-ups, and events, our expectation is you would regularly work from home rather than a Stripe office. Stripe does not cover the cost of relocating to a remote location. We encourage you to apply for roles that match the location where you currently or plan to live.

Pay and benefits

The annual US base salary range for this role is $180,200 - $270,300. For sales roles, the range provided is the role’s On Target Earnings ("OTE") range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role. This salary range may be inclusive of several career levels at Stripe and will be narrowed during the interview process based on a number of factors, including the candidate’s experience, qualifications, and location. Applicants interested in this role and who are not located in the US may request the annual salary range for their location during the interview process.

Additional benefits for this role may include: equity, company bonus or sales commissions/bonuses; 401(k) plan; medical, dental, and vision benefits; and wellness stipends.

Remote locations

Remote in United States

Team

Security

Job type

Full time

Please find our California applicant personal information notice here.

We look forward to hearing from you

At Stripe, we're looking for people with passion, grit, and integrity. You're encouraged to apply even if your experience doesn't precisely match the job description. Your skills and passion will stand out—and set you apart—especially if your career has taken some extraordinary twists and turns. At Stripe, we welcome diverse perspectives and people who think rigorously and aren't afraid to challenge assumptions. Join us.