[Remote] Security GRC Program Manager, Third Party

Note:The job is a remote job and is open to candidates in USA. Stripe is a financial infrastructure platform for businesses that aims to increase the GDP of the internet. The Security GRC Program Manager will support the Third Party Security Risk Assessment program, focusing on developing policies and processes to manage third-party security risks effectively. Responsibilities• Support the Third Party Security Risk Assessment (TPSRA) program operations, including creating awareness amongst the Stripe community.• Support the completion of the information security review process for all new third parties and annual reviews for all other relationships that receive and/or interact with Stripe data. • Function as the Third Party Security Risk management subject matter expert supporting cross-functional teams looking to onboard third parties in processes that interact with Stripe’s data. • Contribute to security policies and standards for assessing Third Party Security Risk. • Identify Third Party Security Risk program gaps and drive the implementation of recommended mitigations.• Partner with cross-functional stakeholders to identify, analyze and mitigate Third Party Security Risks associated with outsourced activities and products. • Operate autonomously leading assessments, and working on large-scale efforts across multiple teams and functions, with stakeholders across different time zones. • Contribute to formalizing and streamlining the Third Party Security Risk program processes to improve SLAs and provide better customer service. • Report on the program’s health and success metrics to provide insights to management to help drive strategic direction.Skills• Strong background in cyber security operations, risks and controls identification and assessment• Working technical knowledge of security, as well as industry trends• Subject matter expert in cyber and information security practices, policies, standards and procedures (e.g. NIST CSF or equivalent)• Experience implementing and operating programs for Security Compliance, IT Compliance, Information/Cyber security or Security Risk Management• You have experience driving mid to large-scale projects and programs from start to finish within highly complex operating environments• You have strong written and verbal communication skills, building strong relationships at all levels of the organization from executives to project teams• Knowledge of how to use data to influence program strategy and tell compelling stories about organizational effectiveness and impact• Report on program performance via dashboards, OKRs and perform basic data analysis (e.g.SQL, Redshift, Tableau)• Experience working with JIRA, Whistic, Bitsight• Experience working with engineers for the automation of security controlsCompany Overview• Stripe is an API technology company that provides online payment processing and commerce solutions for Internet businesses. It was founded in 2010, and is headquartered in South San Francisco, California, USA, with a workforce of 5001-10000 employees. Its website isCompany H1B Sponsorship• Stripe has a track record of offering H1B sponsorships, with 219 in 2025, 283 in 2024, 141 in 2023, 379 in 2022, 276 in 2021, 111 in 2020.Please note that this does not guarantee sponsorship for this specific role. Apply tot his job