Engineering Program Manager, Tech GRC

## About the Role The Engineering Program Manager, Tech GRC, plays a pivotal role in ensuring Stripe's technology environment meets the highest standards of compliance and governance. This involves working closely with cross-functional teams to design and implement baseline technology controls, automate evidence collection, and contribute to scalable governance and issue-management processes. The role is critical in translating risk requirements into practical controls, tracking remediation progress, and continuously improving controls and workflows to support audit readiness and operational resilience.

The successful candidate will be part of the Technology Compliance team, dedicated to delivering excellence across Stripe’s compliance with global and industry-specific technology control regimes. This is a unique opportunity to work with a team of specialist program managers, leading external audits, designing and improving technology controls, and supporting engineering and business partners in maintaining compliance with controls requirements.

In this role, a typical day might involve conducting a gap analysis for a new global compliance certification, prioritizing remediation tasks based on a data-driven risk assessment, or translating complex ISO/SOC2 controls into actionable technical tickets for product engineers. The Engineering Program Manager will serve as a strategic connector, influencing senior stakeholders across infrastructure engineering to balance long-term platform health with feature delivery.

## What You Will Do - Own the implementation of baseline technology controls, ensuring they are practical, scalable, and aligned with compliance and security requirements.

• Work with cross-functional teams to automate evidence collection and contribute to the design of scalable governance and issue-management processes.
• Translate risk requirements into practical controls and track remediation progress.
• Continuously improve controls and workflows to support audit readiness and operational resilience.
• Conduct gap analyses for new global compliance certifications.
• Prioritize remediation tasks based on data-driven risk assessments.
• Translate complex ISO/SOC2 controls into actionable technical tickets for product engineers.
• Serve as a strategic connector, influencing senior stakeholders across infrastructure engineering.
• Advise peers on secure and compliant architecture.
• Drive decisions that maintain an always-on audit posture.
• Ensure compliance is embedded in engineering roadmaps and delivery processes.

## What We Are Looking For - Demonstrable experience implementing and operating controls and audit programs (ISO, SOC, PCI, UK Cyber Essentials, privacy audits, or similar) in complex, distributed environments.

• Strong engineering collaboration skills, with a proven track record of working with infrastructure, platform, SRE, and product engineering teams.
• Experience building scalable tools, frameworks, or platforms that reduce manual evidence collection and audit testing overhead.
• Fintech or regulated industry background, with experience in financial reporting, payment platforms, or similarly regulated systems.
• Program leadership at scale, with the ability to lead cross-organizational programs, influence senior engineers and executives, and drive consensus across competing priorities.
• Data-driven communicator, with strong analytical skills to prioritize risk and remediation.
• Experience with Excel and other compliance and risk management tools.

## Nice to Have - Acquisition integration experience, with a focus on assessing and integrating acquired products/systems into an enterprise compliance environment.

• Knowledge of emerging trends and technologies in compliance and governance.
• Certification in compliance, security, or a related field (e.g., CISA, CISSP).

## Benefits and Perks - Competitive compensation package.

• Equity in a leading fintech company.
• Comprehensive health insurance.
• Generous PTO policy.
• Remote work stipend.
• Opportunities for professional growth and development.
• Access to cutting-edge technologies and tools.
• Collaborative and dynamic work environment.
• Recognition and reward for outstanding performance.

- Ensure your resume highlights specific examples of implementing and operating controls and audit programs, especially in complex, distributed environments.

• Prepare to discuss your experience with engineering collaboration and how you've driven compliance and security requirements in previous roles.
• Familiarize yourself with emerging trends and technologies in compliance and governance to stand out as a forward-thinking candidate.
• Be ready to provide examples of how you've used data-driven approaches to prioritize risk and remediation, and how you've communicated these insights to stakeholders.
• Consider creating a portfolio that showcases your ability to design and implement scalable governance and issue-management processes.
• During salary negotiations, emphasize your unique blend of technical compliance expertise and engineering collaboration skills, and be prepared to discuss industry standards for compensation.
• Pay close attention to the company culture and values during the interview process to ensure they align with your own professional goals and work style.