Program Manager, Engineering - Technology GRC

About the role

The Technology Governance, Risk and Compliance (GRC) team is dedicated to delivering excellence across Stripe's compliance with global and industry-specific technology control regimes, such as PCI-DSS, SOC, and other international technology certifications. We are a team of specialist program managers to lead external audits of Stripe's technology environment, design and improve technology controls, and support our many engineering and business partners in maintaining compliance with controls requirements. We are consultants to company leaders, partners to our external auditors, builders of risk-reducing controls and internal products, and effective executors of large programs that are integral to the trust our Users place in Stripe and that of our regulators and partners.

Responsibilities

• Deep technical compliance experience: demonstrable experience implementing and operating controls and audit programs (ISO, SOC, PCI, UK Cyber Essentials, privacy audits, or similar) in complex, distributed environments.
• Design and implement baseline technology controls, ensuring they are practical, scalable, and aligned with compliance and security requirements.
• Strong engineering collaboration: proven track record working with infrastructure, platform, SRE, and product engineering teams to deliver technical controls and automation.
• Tooling and automation mindset: experience building scalable tools, frameworks, or platforms that reduce manual evidence collection and audit testing overhead.
• Fintech or regulated industry background preferred: experience with financial reporting, payment platforms, or similarly regulated systems is strongly desired.
• Program leadership at scale: ability to lead cross‑organizational programs, influence senior engineers and executives, and drive consensus across competing priorities.
• Data‑driven communicator: strong analytical skills to prioritize risk and remediation, and the ability to present complex technical compliance concepts to auditors and executives.
• Relevant education/certifications: degree in Computer Science, Information Security, Engineering, or equivalent experience. Certifications such as CISA, CISSP, PCI-related, ISO lead auditor, or other relevant credentials are a plus.

Requirements

• We're looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.
• Minimum requirements
• 7+ years of experience in technical compliance, security, or risk roles with direct responsibility for audit or certification delivery (ISO, SOC, PCI, UK Cyber Essentials, privacy audits, or similar).
• Demonstrated experience leading end-to-end technical audit certification programs, including scoping, control mapping, evidence collection, remediation, and auditor engagement.
• Proven track record working closely with infrastructure, platform, SRE, and product engineering teams to implement and operationalize c

Benefits

Additional Information

About Stripe Stripe is a financial infrastructure platform for businesses. Millions of companies - from the world's largest enterprises to the most ambitious startups - use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Stripe? Share your experience