Program Manager, Security Business Enablement

Stripe
US
Remote

Who this role is best for

Best suited to mid-level security professionals with expertise in compliance frameworks and experience engaging with external stakeholders in a global financial context.

Best fit for

  • Security professionals adept at balancing business needs with compliance requirements.
    — “understand how to balance business needs with security requirements
  • Candidates with experience driving large-scale security programs across complex environments.
    — “experience driving large-scale projects and programs from start to finish
  • Individuals skilled in communicating security controls to global financial institutions.
    — “communicate clear and succinct security compliance controls and requirements

Things to consider

  • Role requires engagement with stakeholders across multiple time zones.
    — “with stakeholders in different disciplines and time zones
  • Must operate autonomously while leading cross-functional security efforts.
    — “Operate autonomously, leading large-scale efforts

How to stand out

  • Highlight specific instances where you automated security controls or evidence generation.
    — “experience working with engineers for the automation of security controls
  • Demonstrate expertise in NIST CSF, PCI DSS, or ISO 27001 frameworks.
    — “subject matter expert in information security frameworks
  • Showcase experience developing security policies based on cybersecurity frameworks.
    — “Develop information security policies and standards based on cybersecurity framework guidelines
Pace · SteadyCollaboration · HighAutonomy · HighDecision Impact · TeamLevel · Mid

Derived from job-description analysis by Serendipath's career intelligence engine.

What success looks like

  • building trust with customers and partners
  • implementing and operating tooling and automation
  • developing information security policies and standards
  • reporting on program health and success metrics
Typical background
5+ years of experience in information securityexperience in driving large-scale projects and programs

Skills & requirements

Required

Information SecurityCross-functional Team LeadershipTooling And AutomationSecurity Policies And StandardsProgram Health Metrics

Preferred

NIST CSFPCI DSSISO 27001SOC 2Security Frameworks

Stack & domain

Information Security FrameworksNist CsfPci DssIso 27001Soc 2Security PoliciesSecurity StandardsSecurity ProceduresRisk ManagementComplianceSecurity OperationsSecurity ControlsSecurity MetricsAutomationAIData AnalysisCommunicationLeadershipProject ManagementProblem-solvingAttention To DetailStrategic ThinkingInformation SecurityCybersecurity

About the role

Original posting from Stripe

Who we are

About Stripe

Stripe is a financial infrastructure platform for businesses. Millions of companies - from the world’s largest enterprises to the most ambitious startups - use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.

About the team

The Stripe Security team is dedicated to improving the security of Stripe and its users. Our users trust us with some of their most sensitive information, and we make security a first-class consideration in everything we do. Security concerns are ever-evolving, creating an extremely dynamic environment for the Security team.

The goal of the Security Business Enablement team at Stripe is to build trust with our current and prospective customers and partners.  We support Sales, Marketing, Legal, and Privacy by directly engaging with our customers and partners to communicate and represent the security activities performed by hundreds of employees and thousands of processes across our suite of products and services to operate the tools and platforms necessary to scale our resources across millions of users.

What you’ll do

The Security Business Enablement Program Manager position will be part of Stripe’s Office of the CISO pillar.  You will represent all of Stripe directly to our customers and partners, facilitate conversations with Legal and Security teams, and identify opportunities to enhance our coverage and scalability with tooling and automation.

Responsibilities

Function as an information security subject matter expert and lead cross-functional teams to engage with customers and partners to build trust and grow our business

Serve as the main point of contact for all go-to-market related requests

Operate autonomously, leading large-scale efforts to implement and operating tooling and automation across multiple teams and functions, with stakeholders in different disciplines and time zones

Identify and evaluate information security control gaps and oversee remediation efforts, in partnership with control owners

Develop information security policies and standards based on cybersecurity framework guidelines

Develop, define, and report on the team’s program health and success metrics to provide insights to management to help drive strategic direction

Who you are

We're looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.

Minimum requirements

You are a subject matter expert in information security frameworks, practices, policies, standards and procedures (e.g. NIST CSF, PCI DSS, ISO 27001, SOC 2 or equivalent) 

You understand how to balance business needs with security requirements and focus on business outcomes

You have 5+ years engaging with customer and partner business, engineering, security, compliance, and legal teams as part of the go-to-market sales cycle

You have experience driving large-scale projects and programs from start to finish within highly complex operating environments

You have strong written and verbal communication skills, building strong relationships at all levels of the organization from executives to project teams

You communicate clear and succinct security compliance controls and requirements with external Stripe stakeholders, including security counter-parties at global financial institutions

You possess a strong background in information security operations, risks and controls identification, and assessment

You are a critical thinker, passionate, self-driven, and detail-oriented

Preferred qualifications

You have developed reports on program performance via dashboards and OKRs, and perform detailed data analysis

You have experience working with engineers for the automation of security controls and generation of evidence

You have utilized AI to automate complex information gathering tasks and built interfaces for non-technical users

Source: Stripe careers

Similar roles