GRC Program Manager


🕒 April 4



Astra Finance

11 - 50 employees

💳 Fintech

💸 Finance

☁️ SaaS


Astra Finance is an all-in-one payments platform that provides an API for processing instant payments between bank accounts and cards. It is designed for product teams aiming to embed secure and fast payment solutions while minimizing the risk of fraud and failures. With features like instant disbursements, payout options, and accelerated ACH transfers, Astra Finance offers a full-stack payment processing solution, making it an ideal choice for fintech companies looking to streamline their payments infrastructure.

📋 Description

• Own day-to-day execution of SOC 1, SOC 2, PCI DSS, and ISO 27001 readiness and audit cycles.
• Develop and maintain policies, procedures, risk assessments, control narratives, and supporting documentation that meet auditor expectations and scale with the business.
• Map controls across SOC, ISO, PCI, and NIST frameworks to identify overlap, gaps, automation opportunities, and control maturity improvements.
• Facilitate risk assessments for systems, vendors, products, and business initiatives. Maintain risk registers, mitigation plans, and executive reporting on residual risk.
• Partner with engineering and infrastructure teams to translate security requirements into practical technical controls across cloud infrastructure, SDLC, access management, logging, monitoring, and incident response.
• Manage vendor security reviews, questionnaires, evidence validation, risk scoring, and ongoing monitoring for critical third parties and partners.
• Support customer security reviews, security questionnaires, and trust documentation that enable enterprise sales and bank partnerships.
• Help build scalable compliance workflows, tooling, and automation to reduce manual effort and improve evidence quality as Astra grows.
• Maintain dashboards and reporting on audit status, control health, remediation progress, and risk posture for leadership.

🎯 Requirements

• 3–6+ years of experience in governance, risk, compliance, audit, or information security roles.
• Hands-on experience supporting or leading SOC 1 and/or SOC 2 audits; experience with PCI DSS and ISO 27001 is strongly preferred.
• Strong working knowledge of compliance frameworks (SOC, ISO 27001, NIST CSF, PCI DSS) and how controls operate in practice.
• Experience working cross-functionally with engineering, product, and operations teams in a technical environment.
• Proven ability to build and maintain high-quality documentation, evidence, and audit artifacts.
• Comfort operating in fast-moving environments where priorities evolve and ambiguity is common.
• Ambition to structure and systems 0 to 1, and comfort in creating frameworks, templates, and playbooks that scale.
• Experience collaborating with Product, Sales, and Engineering teams to align on priorities and drive outcomes.

🏖️ Benefits

• Competitive compensation with equity in a growing fintech company.
• Remote-first culture with flexible working arrangements.
• Professional growth opportunities in compliance and risk management.
• Mission-driven — build infrastructure that powers financial innovation while meeting the highest regulatory standards.


🇺🇸 United States – Remote


⏰ Full Time

🟡 Mid-level

🟠 Senior

📋 Program Manager