Security GRC Program Manager, Third Party

Support the Third Party Security Risk Assessment (TPSRA) program operations, including creating awareness amongst the Stripe community. Support the completion of the information security review process for all new third parties and annual reviews for all other relationships that receive and/or interact with Stripe data. Function as the Third Party Security Risk management subject matter expert supporting cross-functional teams looking to onboard third parties in processes that interact with Stripe’s data. Contribute to security policies and standards for assessing Third Party Security Risk.

Identify Third Party Security Risk program gaps and drive the implementation of recommended mitigations. Partner with cross-functional stakeholders to identify, analyze and mitigate Third Party Security Risks associated with outsourced activities and products. Operate autonomously leading assessments, and working on large-scale efforts across multiple teams and functions, with stakeholders across different time zones. Contribute to formalizing and streamlining the Third Party Security Risk program processes to improve SLAs and provide better customer service. Report on the program’s health and success metrics to provide insights to management to help drive strategic direction.