Program Manager, Security Business Enablement

Who we are About StripeStripe is a financial infrastructure platform for businesses. Millions of companies - from the world’s largest enterprises to the most ambitious startups - use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.About the teamThe Stripe Security team is dedicated to improving the security of Stripe and its users. Our users trust us with some of their most sensitive information, and we make security a first-class consideration in everything we do. Security concerns are ever-evolving, creating an extremely dynamic environment for the Security team.The goal of the Security Business Enablement team at Stripe is to build trust with our current and prospective customers and partners. We support Sales, Marketing, Legal, and Privacy by directly engaging with our customers and partners to communicate and represent the security activities performed by hundreds of employees and thousands of processes across our suite of products and services to operate the tools and platforms necessary to scale our resources across millions of users.What you’ll doThe Security Business Enablement Program Manager position will be part of Stripe’s Office of the CISO pillar. You will represent all of Stripe directly to our customers and partners, facilitate conversations with Legal and Security teams, and identify opportunities to enhance our coverage and scalability with tooling and automation.ResponsibilitiesFunction as an information security subject matter expert and lead cross-functional teams to engage with customers and partners to build trust and grow our businessServe as the main point of contact for all go-to-market related requestsOperate autonomously, leading large-scale efforts to implement and operating tooling and automation across multiple teams and functions, with stakeholders in different disciplines and time zonesIdentify and evaluate information security control gaps and oversee remediation efforts, in partnership with control ownersDevelop information security policies and standards based on cybersecurity framework guidelinesDevelop, define, and report on the team’s program health and success metrics to provide insights to management to help drive strategic directionWho you areWe're looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.Minimum requirementsYou are a subject matter expert in information security frameworks, practices, policies, standards and procedures (e.g. NIST CSF, PCI DSS, ISO 27001, SOC 2 or equivalent) You understand how to balance business needs with security requirements and focus on business outcomesYou have 5+ years engaging with customer and partner business, engineering, security, compliance, and legal teams as part of the go-to-market sales cycleYou have experience driving large-scale projects and programs from start to finish within highly complex operating environmentsYou have strong written and verbal communication skills, building strong relationships at all levels of the organization from executives to project teamsYou communicate clear and succinct security compliance controls and requirements with external Stripe stakeholders, including security counter-parties at global financial institutionsYou possess a strong background in information security operations, risks and controls identification, and assessmentYou are a critical thinker, passionate, self-driven, and detail-orientedPreferred qualificationsYou have developed reports on program performance via dashboards and OKRs, and perform detailed data analysisYou have experience working with engineers for the automation of security controls and generation of evidenceYou have utilized AI to automate complex information gathering tasks and built interfaces for non-technical usersOriginally posted on Himalayas