Program Manager, Technology Controls and Compliance

Who we are

About Stripe

Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the Internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.

About the team

The Compliance Management team is responsible for managing Technology compliance, controls and risk initiatives at Stripe. We have a team of technical program managers who focus on driving compliance within Stripe against industry/regulatory standards and helping us achieve compliance against them. Program managers in the team not only work on leading compliance and risk efforts to completion but also maintain strong relationships with internal stakeholders to support and answer compliance questions.

What you’ll do

You will be a subject matter expert in technology compliance standards and controls to ensure that Stripe’s products and platform operate in accordance to requirements that they are subject to. You will have deep technical discussions with our engineering teams to understand controls, processes and come up with creative ways to meet the intent of security requirements. In this role you will be managing compliance audits by planning requirements, identifying risks, managing schedules and clearly communicating to internal and external stakeholders. You will also be supporting Stripe’s controls initiatives to design, document, monitor and update technical controls by working closely with engineering owners. 

Responsibilities

• Conduct and lead security assessments, working closely with our Product and Engineering teams to ensure that our services and users remain compliant and ahead of applicable security standards
• Work closely with internal teams at Stripe to design, document, monitor and update technical controls
• Partner with Engineering teams to decompose ambiguous technical regulatory requirements into clear actionable deliverables
• Maintain and enhance compliance to product security requirements 
• Stay abreast of upcoming security regulatory changes that may impact Stripe or our users, and collaborate with engineering teams to make them seamless and transparent
• Partner with teams across Stripe to develop our communication strategy on Security
• Identifying inefficiencies in processes and products and driving improvements

Who you are

We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. 

Minimum requirements

• 3+ years of experience managing compliance (SOC, PCI, ISO) and control programs
• Has experience working designing and monitoring technical controls 
• Solid understanding of security risks, threats, and in developing effective and measurable mitigation programs
• Technical security background and an understanding of the payment ecosystem
• A growth mind-set to help scale security compliance initiatives for the future of Stripe
• Great communicator and able to effectively prioritize and advance a large number of projects happening simultaneously, often on tight deadlines
• Experience building and managing relationships with internal stakeholders and driving all parties towards an optimal outcome
• Out-of-the-box thinking that challenges industry norms with a solid grounding in creating great and safe experiences
• Resourceful, action-oriented with strong organization skills and attention to detail
• Able to prioritize competing demands while working on complex problems