Chat with Stripe sales 8 sales reps available We're here to discuss your business needs. Chat now with sales Program Manager, Engineering - Technology GRC Stripe logo Jobs Our opportunity Life at Stripe
Benefits University See open roles Open mobile navigation Jobs Our opportunity Life at Stripe
Benefits University See open roles Close mobile navigation Roles at Stripe Role details Program Manager, Engineering - Technology GRC About Stripe Stripe is a financial infrastructure platform for businesses. Millions of companies - from the world’s largest enterprises to the most ambitious startups - use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.
About
the team The Technology Governance, Risk and Compliance (GRC) team is dedicated to delivering excellence across Stripe’s compliance with global and industry-specific technology control regimes, such as PCI-DSS, SOC, and other international technology certifications. We are a team of specialist program managers to lead external audits of Stripe’s technology environment, design and improve technology controls, and support our many engineering and business partners in maintaining compliance with controls
requirements. We are consultants to company leaders, partners to our external auditors, builders of risk-reducing controls and internal products, and effective executors of large programs that are integral to the trust our Users place in Stripe and that of our regulators and partners. What you’ll do In this role, your daily focus centers on bridging the gap between compliance
requirements and high-velocity engineering. You will be a subject matter expert in technology compliance standards to ensure that Stripe’s products and platform operate in accordance with the
requirements they are subject to. You will apply critical thinking to define compliant workflows, design effective controls, and drive adoption of those workflows across engineering and operations teams. You’ll advise peers on secure and compliant architecture, drive decisions that maintain an always-on audit posture, and ensure compliance is embedded in engineering roadmaps and delivery processes. You’ll translate technology risk into practical controls, track remediation progress, and continuously improve controls and workflows to support audit readiness and operational resilience. On any given day, you might be conducting a gap analysis for a new global compliance certification, prioritizing remediation tasks based on a data-driven risk assessment, or translating complex ISO/SOC 2 controls into actionable technical tickets for product engineers.You will work with cross-functional teams to automate evidence collection, define program milestones, success metrics, and operating cadences. As a program lead, you will manage dependencies, risks, and escalations across teams and drive clear accountability to ensure timely closure of remediation items.
Responsibilities Deep technical compliance experience: demonstrable experience implementing and operating controls and audit programs (ISO, SOC, PCI, UK Cyber Essentials, privacy audits, or similar) in complex, distributed environments. Design and implement baseline technology controls, ensuring they are practical, scalable, and aligned with compliance and security
requirements. Strong engineering collaboration: proven track record working with infrastructure, platform, SRE, and product engineering teams to deliver technical controls and automation. Tooling and automation mindset: experience building scalable tools, frameworks, or platforms that reduce manual evidence collection and audit testing overhead. Fintech or regulated industry background preferred: experience with financial reporting, payment platforms, or similarly regulated systems is strongly desired. Program leadership at scale: ability to lead cross‑organizational programs, influence senior engineers and executives, and drive consensus across competing priorities. Data‑driven communicator: strong analytical skills to prioritize risk and remediation, and the ability to present complex technical compliance concepts to auditors and executives. Relevant education/certifications: degree in Computer Science, Information Security, Engineering, or equivalent experience. Certifications such as CISA, CISSP, PCI-related, ISO lead auditor, or other relevant credentials are a plus.
Who you are We're looking for someone who meets the minimum
requirements to be considered for
the role. If you meet these
requirements, you are encouraged to apply. The preferred
qualifications are a
bonus, not a requirement. Minimum
requirements 7+ years of experience in technical compliance, security, or risk roles with direct responsibility for audit or certification delivery (ISO, SOC, PCI, UK Cyber Essentials, privacy audits, or similar). Demonstrated experience leading end-to-end technical audit certification programs, including scoping, control mapping, evidence collection, remediation, and auditor engagement. Proven track record working closely with infrastructure, platform, SRE, and product engineering teams to implement and operationalize controls. Hands-on experience building or driving tooling/automation for evidence collection, testing, or compliance reporting. Strong program and project management skills with experience coordinating cross-functional work streams and delivering on time against competing priorities. Excellent verbal and written communication skills, with experience presenting technical compliance status to auditors, engineers, and senior leadership. Solid analytical and risk‑prioritization skills to sequence remediation activities and make data‑driven decisions. Experience integrating acquired products or systems into an enterprise compliance posture (preferred). Relevant certifications such as CISA, CISSP, ISO Lead Auditor, PCI-related certifications, or equivalent. Preferred
qualifications Fintech or payments industry experience (preferred), including familiarity with regulatory expectations, payment platform architectures, and financial services risk models. Experience integrating acquired products or systems into an enterprise compliance posture. Proven ability to leverage a variety of tools to develop key metrics and broadcast program efficacy through data-driven dashboards. Strong background in cloud and infrastructure technologies (AWS, GCP, Azure), containerization, and modern platform engineering practices. In-office expectations Office-assigned Stripes in most of our locations are currently expected to spend at least 50% of the time in a given month in their local office or with users. This expectation may vary depending on role, team and location. For example, Stripes in Stripe Delivery Center roles in Mexico City, Mexico, Bengaluru, India, and Dublin, Ireland work 100% from the office. Also, some teams have greater in-office attendance
requirements, to appropriately support our users and workflows, which the hiring manager will discuss. This approach helps strike a balance between bringing people together for in-person collaboration and learning from each other, while supporting flexibility when possible. Pay and
benefits The annual salary range for this role in the primary location is €88,800 - €133,200. This range may change if you are hired in another location. For sales roles, the range provided is
the role’s On Target Earnings (“OTE”) range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for
the role. This salary range may be inclusive of several career levels at Stripe and will be narrowed during the interview process based on a number of factors, including the candidate’s experience,
qualifications, and specific location. Applicants interested in this role and who are not located in the primary location may request the annual salary range for their location during the interview process. Specific
benefits and details about what
compensation is included in the salary range listed above will vary depending on the applicant’s location and can be discussed in more detail during the interview process.
Benefits/additional
compensation for this role may include: equity, company
bonus or sales commissions/bonuses; retirement plans; health
Launched out of Y Combinator’s 2009 Summer batch, Stripe is a global technology company that builds economic infrastructure for the internet. Businesses of every size—from new startups to public companies—use our software to accept payments and manage their businesses online Stripe is a proud partner of YC companies—from Airbnb (S09) to Defog (W23)—to help them grow their businesses and increase the GDP of the internet.
