Program Manager, Technology Compliance - Toronto, Canada - Stripe

Description

Who we are

About Stripe

Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world's largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the Internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.

About the team

The Technology Compliance team is responsible for managing Technology compliance, controls and risk initiatives at Stripe. We have a team of technical program managers who focus on driving compliance within Stripe against industry/regulatory standards and helping us achieve compliance against them. Program managers in the team not only work on leading compliance and risk efforts to completion but also maintain strong relationships with internal stakeholders to support and answer compliance questions.

What you'll do We're looking for someone to support our security and technology assessments (SOC 1&2), create a strong control ownership culture internally, and ensure Stripe products enable compliance for our users.The right person for this role will have deep technical discussions with our engineering teams to understand controls, processes and come up with creative ways to meet the intent of regulatory requirements. This means not only understanding multiple technical regulations but also having a technical understanding of common technologies and systems to have constructive discussions with our engineering teams. Also, this person should be someone who has experience formally managing compliance programs and enjoys doing them.

Responsibilities

Conduct and lead external audits, working closely with our Product and Engineering teams to ensure that our services and users remain compliant and ahead of applicable security standards

Partner with control owners and team on automation of evidence collection and control monitoring

Integrate new products and services into current compliance audits. Perform scoping, assist with control implementation and control testing for new products and services

Partner with Engineering teams to decompose ambiguous technical regulatory requirements into clear actionable deliverables

Maintain and enhance compliance to product security requirements

Stay abreast of upcoming security regulatory changes that may impact Stripe or our users, and collaborate with engineering teams to make them seamless and transparent

Be a force multiplier for our customers—helping us devise ways of minimizing the burden of compliance so they can better grow their business

Partner with teams across Stripe to develop our communication strategy on Security

Identifying inefficiencies in processes and products and driving improvements

Who you are

We're looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply.

Minimum requirements:

4+ years of experience working in the security regulatory/compliance field and 2+ years particularly scoping, leading SOC audits

Expertise in the security practices of the payment industry and in other security regulations (AICPA trust principles, NIST, ISO)

Technical security-specific background and an understanding of the digital economy

Solid understanding of security risks and threats, and in developing effective and measurable mitigation programs

A growth mind-set to help scale security compliance initiatives for the future of Stripe

Great communicator and able to effectively prioritize and advance a large number of projects happening simultaneously, often on tight deadlines

Experience building and managing relationships with internal stakeholders and driving all parties towards an optimal outcome

Out-of-the-box thinking that challenges industry norms with a solid grounding in creating great and safe experiences

Resourceful, action-oriented with strong organization skills and attention to detail

Able to prioritize competing demands while working on complex problems

Hybrid work at Stripe

Office-assigned Stripes spend at least 50% of the time in a given month in their local office or with users. This hits a balance between bringing people together for in-person collaboration and learning from each other, while supporting flexibility about how to do this in a way that makes sense for individuals and their teams.

Pay and benefits

The annual salary range for this role in the primary location is C$111,500 - C$209,500. This range may change if you are hired in another location. For sales roles, the range provided is the role's On Target Earnings ("OTE") range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role. This salary range may be inclusive of several career levels at Stripe and will be narrowed during the interview process based on a number of factors, including the candidate's experience, qualifications, and specific location. Applicants interested in this role and who are not located in the primary location may request the annual salary range for their location during the interview process.

Specific benefits and details about what compensation is included in the salary range listed above will vary depending on the applicant's location and can be discussed in more detail during the interview process. Benefits/additional compensation for this role may include: equity, company bonus or sales commissions/bonuses; retirement plans; health benefits; and wellness stipends.