Security GRC Program Manager
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Security GRC Program Manager managing customer trust and compliance efforts in a fast-paced fintech startup environment. Leading audit preparations and third-party assessments with a focus on operational efficiency.
Responsibilities:
- Lead customer due diligence questionnaire (DDQ) and RFP response process and third-party risk management process; track and manage high volume of DDQ and RFP requests. Coordinate and collaborate with internal teams to meet tight deadlines. Handle a high volume of requests and interactions in a fast-paced environment
- Support enterprise sales with technical customer security discussions
- Lead SOC 2 Type II audit preparation, evidence collection, and remediation
- Conduct third party vendor security assessments, collaborate on third party risk management processes
- Implement and manage third party tool and new processes to create efficiencies
- Develop the security narrative and conduct security reviews for new product functionality to enable GTM
- Review and negotiate security and compliance language in customer contracts in collaboration with Legal team
- Build and manage Trust Center integrations and public-facing security documentation in collaboration with Legal team
- Build customer-facing compliance artifacts (security whitepapers, certifications)
Requirements:
- Minimum of 5 years in a technical and/or security role with customer facing experience
- Minimum of 3 years experience in program management, customer trust, or DDQ/RFP management within the tech industry with highly regulated customers
- Proven track record in driving security processes and operational plans
- Requires strong attention to detail, organizational skills, good judgement, and the ability to prioritize tasks, manage timelines, and meet tight deadlines
- Strong contract review and negotiation skills related to security and compliance
- Knowledge of security risks, vulnerabilities, and threat management
- Background in supporting customer audits and engagements
- Nice to Have: Experience in fintech, healthtech, or regulated industries
- Prior experience at Series B-D companies scaling security compliance programs
- Demonstrable experience implementing tools to drive and streamline DDQ processes
Benefits:
- Flexible paid time off policy and 10 company-wide paid holidays
- Parental leave, 4 weeks for all full-time employees and up to 12 weeks for birthing parents
- Medical, dental, and vision benefits coverage for employees and their families
- 401K eligibility after one month of employment
- Free estate planning documents
- Budget for learning & development and home office setup
- Paid parking or transit for hybrid and in office employees
Similar Jobs
SNOC Engineer II – Security
SNOC Engineer II enhancing security and operations for technology services at DYOPATH. Responsible for threat detection, incident response, and team mentorship in a collaborative environment.
Senior Software Security Engineer
Senior Software Security Engineer designing and implementing security controls at Kentik. Leading security initiatives and collaborating with teams to ensure secure software delivery.
Data Loss Prevention Security Engineer
Data Loss Prevention Security Engineer responsible for enterprise data protection solutions. Supporting important missions through advanced technologies and policy enforcement in a remote setup.
Fullstack Software Engineer, Cloud, Code, Security
Software Engineer developing scalable cloud solutions at Vanta. Driving product growth while mentoring the engineering team and enhancing customer compliance experience.
Fullstack Software Engineer, Cloud, Code, Security
Software Engineer at Vanta empowering companies to improve cloud-related security and compliance. Collaborating with product and design teams to deliver impactful customer solutions.
SLED Cybersecurity Sales Specialist
SLED Cybersecurity Sales Specialist creating and driving sales pipeline for mid-to-large accounts. Focused on strategic positioning of products and fostering professional relationships with clients.
Senior SAP GRC, Security Consultant
Senior SAP GRC & Security Consultant responsible for SAP Security implementation and governance across complex landscapes. Seeking candidates with extensive SAP experience and compliance knowledge.
Senior Consultant – Physical Security Training, Consulting, Business Development
Senior Consultant in Physical Security Training at Vizient, managing security programs and improving vendor relationships. Collaborating with leadership to enhance security processes and training.
Executive Technology and Security Specialist
Executive Technology & Security Specialist keeping Onebrief’s executive team productive, protected, and confident in their technology. Taking ownership of executive devices and implementing enhanced security controls.
AI Security Engineer – IAM
AI Security Engineer focusing on IAM at Dell. Contributing to Cybersecurity Engineering & Operations in Brazil.
Senior Information Security Consultant
Senior Information Security Consultant at World Foundation, solving global security challenges and ensuring protocol integrity through hands-on guidance and team collaboration.
Security Managed Services Engineer
Security Managed Services Engineer at NTT DATA ensuring operational security infrastructures for clients. Handling incidents, requests, and collaborating on automation to optimize security operations.
Security Engineer
Senior Security Engineer ensuring high-impact security for Canals' AI-driven global supply chain platform. Leading security strategy, incident response, and collaborating across teams in a remote-first environment.
Senior Ethical Hacker
Senior Ethical Hacker performing penetration testing and mentoring for Packetlabs' Australian Security practice. Collaborating with global teams to ensure consistency in standards and methodologies.
Técnico/a Ciberseguridad
CIBERSEGURIDAD Technician with 3-5 years of experience for aerospace projects at IRIUM. Engaging in technical security audits and pentesting for applications and infrastructure.
LBM Engineer – Cybersecurity Solutions
Cybersecurity Engineer implementing and maintaining security measures to protect US LBM from cyber threats. Involves developing IAM systems, resolving technical issues, and ensuring data security.
Security Engineer II
Security Engineer II at Subsplash, focusing on security vulnerability analysis and remediation in cloud systems. Collaborating with teams to integrate security practices across the software development lifecycle.
Senior Security Controls Assessor
Senior Security Controls Assessor providing assessments of MARAD information systems in support of authorization and continuous monitoring. Evaluating security controls and collaborating with stakeholders to ensure compliance.
Senior Analyst, Security Risk Management, Issues/Vulnerability Management
Provide compliance-related support for Vulnerability Management program at CVS Health. Oversee workflows and support application teams in maintaining compliance standards.
Information Systems Security Officer – ISSO
Senior Information Systems Security Officer handling information assurance activities for a Federal agency. Leading risk management framework assessment and security controls implementation.