Engineering Program Manager, Tech GRC

About the role

Chat with Stripe sales Engineering Program Manager, Tech GRC Stripe logo Jobs Our opportunity Life at Stripe Benefits University See open roles Open mobile navigation Jobs Our opportunity Life at Stripe Benefits University See open roles Close mobile navigation Roles at Stripe Role details Engineering Program Manager, Tech GRC Who we are About Stripe Stripe is a financial infrastructure platform for businesses. Millions of companies - from the world’s largest enterprises to the most ambitious startups - use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career. About the team The Technology Compliance team is dedicated to delivering excellence across Stripe’s compliance with global and industry-specific technology control regimes, such as PCI-DSS, SOC, and other international technology certifications. We are a team of specialist program managers to lead external audits of Stripe’s technology environment, design and improve technology controls, and support our many engineering and business partners in maintaining compliance with controls requirements. We are consultants to company leaders, partners to our external auditors, builders of risk-reducing controls and internal products, and effective executors of large programs that are integral to the trust our Users place in Stripe and that of our regulators and partners. What you’ll do In this role, your daily focus centers on bridging the gap between compliance requirements and high-velocity engineering. You will own the implementation of baseline technology controls, work with cross-functional teams to automate evidence collection, and contribute to the design of scalable governance and issue-management processes. You’ll translate risk requirements into practical controls, track remediation progress, and continuously improve controls and workflows to support audit readiness and operational resilience.On any given day, you might be conducting a gap analysis for a new global compliance certification, prioritizing remediation tasks based on a data-driven risk assessment, or translating complex ISO/SOC2 controls into actionable technical tickets for product engineers. As a program leader, you will serve as a strategic connector influencing senior stakeholders across infrastructure engineering to balance long-term platform health with feature delivery. You’ll advise peers on secure / compliant architecture, drive decisions that maintain an always-on audit posture, and ensure compliance is embedded in engineering roadmaps and delivery processes. Responsibilities Deep technical compliance experience: demonstrable experience implementing and operating controls and audit programs (ISO, SOC, PCI, UK Cyber Essentials, privacy audits, or similar) in complex, distributed environments. Design and implement baseline technology controls, ensuring they are practical, scalable, and aligned with compliance and security requirements. Strong engineering collaboration: proven track record working with infrastructure, platform, SRE, and product engineering teams to deliver technical controls and automation. Tooling and automation mindset: experience building scalable tools, frameworks, or platforms that reduce manual evidence collection and audit testing overhead. Acquisition integration experience (preferred): experience assessing and integrating acquired products/systems into an enterprise compliance environment. Fintech or regulated industry background preferred: experience with financial reporting, payment platforms, or similarly regulated systems is strongly desired. Program leadership at scale: ability to lead cross‑organizational programs, influence senior engineers and executives, and drive consensus across competing priorities. Data‑driven communicator: strong analytical skills to prioritize risk and remediation, and the ability to present complex technical compliance concepts to auditors and executives. People leadership and mentorship: experience coaching peers and engineering partners on program delivery and compliance‑oriented engineering practices. Relevant education/certifications: degree in Computer Science, Information Security, Engineering, or equivalent experience. Certifications such as CISA, CISSP, PCI-related, ISO lead auditor, or other relevant credentials are a plus. Who you are We're looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement. Minimum requirements 12+ years of experience in technical compliance, security, or risk roles with direct responsibility for audit or certification delivery (ISO, SOC, PCI, UK Cyber Essentials, privacy audits, or similar). Demonstrated experience leading end-to-end technical audit certification programs, including scoping, control mapping, evidence collection, remediation, and auditor engagement. Proven track record working closely with infrastructure, platform, SRE, and product engineering teams to implement and operationalize controls. Hands-on experience building or driving tooling/automation for evidence collection, testing, or compliance reporting. Strong program and project management skills with experience coordinating cross-functional work streams and delivering on time against competing priorities. Excellent verbal and written communication skills, with experience presenting technical compliance status to auditors, engineers, and senior leadership. Solid analytical and risk‑prioritization skills to sequence remediation activities and make data‑driven decisions. Experience integrating acquired products or systems into an enterprise compliance posture (preferred). Relevant certifications such as CISA, CISSP, ISO Lead Auditor, PCI-related certifications, or equivalent. Preferred qualifications Fintech or payments industry experience (preferred), including familiarity with regulatory expectations, payment platform architectures, and financial services risk models. Experience integrating acquired products or systems into an enterprise compliance posture. Proven ability to leverage a variety of tools to develop key metrics and broadcast program efficacy through data-driven dashboards. Strong background in cloud and infrastructure technologies (AWS, GCP, Azure), containerization, and modern platform engineering practices. Hybrid work at Stripe This role is available either in an office or a remote location (35+ miles or 56+ km from a Stripe office). In-office expectations Office-assigned Stripes spend at least 50% of the time in a given month in their local office or with users. This hits a balance between bringing people together for in-person collaboration and learning from each other, while supporting flexibility about how to do this in a way that makes sense for individuals and their teams. Working remotely at Stripe A remote location is defined as being 35 miles (56 kilometers) or more from one of our offices. While you would be welcome to come into the office for team/business meetings, on-sites, meet-ups, and events, our expectation is you would regularly work from home rather than a Stripe office. Stripe does not cover the cost of relocating to a remote location. We encourage you to apply for roles that match the location where you currently live or plan to live. Pay and benefits The annual US base salary range for this role is $193,600 - $290,400. For sales roles, the range provided is the role’s On Target Earnings ("OTE") range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role. This salary range may be inclusive of several career levels at Stripe and will be narrowed during the interview process based on a number of factors, including the candidate’s experience, qualifications, and location. Applicants interested in this role and who are not located in the US may request the annual salary range for their location during the interview process. Additional benefits for this role may include: equity, company bonus or sales commissions/bonuses; 401(k) plan; medical, dental, and vision benefits; and wellness stipends. Office locations South San Francisco HQ Remote locations Remote in United States Team Infrastructure & Corporate Tech Job type Full time Apply for this role Please find our California applicant personal information notice here . The application window will remain open for 100 days after the Job Post is published. However, this opportunity will remain open based on the needs of the business, which may cause the application window to close before or after the 100-day mark. We look forward to hearing from you At Stripe, we're looking for people with passion, grit, and integrity. You're encouraged to apply even if your experience doesn't precisely match the job description. Your skills and passion will stand out—and set you apart—especially if your career has taken some extraordinary twists and turns. At Stripe, we welcome diverse perspectives and people who think rigorously and aren't afraid to challenge assumptions. Join us. Apply Now Stripe logo United States (English) Australia English Austria Deutsch English Belgium Nederlands Français Deutsch English Brazil Português English Bulgaria English Canada English Français Croatia English Italiano Cyprus English Czech Republic English Denmark English Estonia English Finland English Svenska France Français English Germany Deutsch English Gibraltar English Greece English Hong Kong English 简体中文 Hungary English India English Ireland English Italy Italiano English Japan 日本語 English Latvia English Liechtenstein Deutsch English Lithuania English Luxembourg Français Deutsch English Malaysia English 简体中文 Malta English Mexico Español English Netherlands Nederlands English New Zealand English Norway English Poland English Portugal Português English Romania English Singapore English 简体中文 Slovakia English Slovenia English Italiano Spain Español English Sweden Svenska English Switzerland Deutsch Français Italiano English Thailand ไทย English United Arab Emirates English United Kingdom English United States English Español 简体中文 Products & pricing Pricing Atlas Authorization Boost Billing Capital Checkout Crypto Climate Connect Data Pipeline Elements Financial Accounts Financial Connections Identity Invoicing Issuing Link Managed Payments Payments Payment Links Payouts Radar Revenue Recognition Stripe Sigma Tax Terminal Solutions Enterprises Startups Agentic commerce Crypto Ecommerce Embedded finance Finance automation Global businesses In-app payments Marketplaces Platforms SaaS AI companies Creator economy Hospitality, travel, and leisure Insurance Media and entertainment Nonprofits Retail Integrations & custom solutions Stripe App Marketplace Stripe Partner ecosystem Professional services Developers Documentation API reference API status API changelog Libraries and SDKs Developer blog Resources Guides Customer stories Blog Sessions annual conference Privacy & terms Prohibited & restricted businesses Licenses Sitemap Cookie settings Your privacy choices Coverage transparency More resources Company Jobs Newsroom Stripe Press Contact sales Support Get support Managed support plans CA residents: +1 888 926 2289 Sign in © 2026 Stripe, LLC