Security GRC Program Manager – Third Party

November 12

Apply Now

Receive Emails with Similar Jobs

Stripe

WebsiteLinkedInAll Job Openings

Fintech • eCommerce • B2B

Stripe is a global payments processing platform that enables businesses to accept online and in-person payments. It offers a comprehensive suite of financial services, including payment processing, billing, and revenue management tools, aimed at businesses of all sizes, from startups to enterprises. By providing a developer-friendly API, Stripe allows businesses to streamline their payment operations and embed financial services directly into their applications, facilitating both B2B and B2C transactions.

1001 - 5000 employees

Founded 2010

💳 Fintech

🛍️ eCommerce

🤝 B2B

💰 Venture Round on 2021-05

📋 Description

• Support the Third Party Security Risk Assessment (TPSRA) program operations, including creating awareness amongst the Stripe community. • Support the completion of the information security review process for all new third parties and annual reviews for all other relationships that receive and/or interact with Stripe data. • Function as the Third Party Security Risk management subject matter expert supporting cross-functional teams looking to onboard third parties in processes that interact with Stripe’s data. • Contribute to security policies and standards for assessing Third Party Security Risk. • Identify Third Party Security Risk program gaps and drive the implementation of recommended mitigations. • Partner with cross-functional stakeholders to identify, analyze and mitigate Third Party Security Risks associated with outsourced activities and products. • Operate autonomously leading assessments, and working on large-scale efforts across multiple teams and functions, with stakeholders across different time zones. • Contribute to formalizing and streamlining the Third Party Security Risk program processes to improve SLAs and provide better customer service. • Report on the program’s health and success metrics to provide insights to management to help drive strategic direction.

🎯 Requirements

• Strong background in cyber security operations, risks and controls identification and assessment • Working technical knowledge of security, as well as industry trends • Subject matter expert in cyber and information security practices, policies, standards and procedures (e.g. NIST CSF or equivalent) • Experience implementing and operating programs for Security Compliance, IT Compliance, Information/Cyber security or Security Risk Management • You have experience driving mid to large-scale projects and programs from start to finish within highly complex operating environments • You have strong written and verbal communication skills, building strong relationships at all levels of the organization from executives to project teams • Knowledge of how to use data to influence program strategy and tell compelling stories about organizational effectiveness and impact.

🏖️ Benefits

• Health insurance • 401(k) matching • Flexible work hours • Paid time off • Remote work options