Program Manager, Security Business Enablement

## About the Role The Program Manager, Security Business Enablement, plays a pivotal role in Stripe's mission to increase the GDP of the internet by building trust with current and prospective customers and partners. This position is part of Stripe's Office of the CISO pillar and requires a strong understanding of information security and the ability to communicate complex security concepts to both technical and non-technical stakeholders.

As a key member of the Security Business Enablement team, you will engage directly with customers and partners, facilitating conversations with Legal and Security teams to identify opportunities to enhance coverage and scalability through tooling and automation. Your expertise will help drive large-scale efforts to implement and operate tooling and automation across multiple teams and functions, ensuring the highest level of security and compliance.

The Security Business Enablement team supports Sales, Marketing, Legal, and Privacy by directly engaging with customers and partners to communicate and represent the security activities performed across Stripe's suite of products and services. This involves operating the tools and platforms necessary to scale resources across millions of users, ensuring that security is always a first-class consideration.

## What You Will Do - Function as an information security subject matter expert, leading cross-functional teams to engage with customers and partners to build trust and grow the business.

• Serve as the main point of contact for all go-to-market related requests, ensuring seamless communication and collaboration across various stakeholders.
• Operate autonomously, leading large-scale efforts to implement and operate tooling and automation across multiple teams and functions, with stakeholders in different disciplines and time zones.
• Identify and evaluate information security control gaps and oversee remediation efforts, in partnership with control owners.
• Develop information security policies and standards based on cybersecurity framework guidelines, such as NIST CSF, PCI DSS, ISO 27001, and SOC 2.
• Develop, define, and report on the team’s program health and success metrics to provide insights to management to help drive strategic direction.
• Collaborate with the Legal team to ensure compliance with regulatory requirements and industry standards.
• Facilitate training and awareness programs to enhance security knowledge across the organization.
• Stay updated with the latest security trends, threats, and technologies, applying this knowledge to improve Stripe's security posture.

## What We Are Looking For - You are a subject matter expert in information security frameworks, practices, policies, standards, and procedures (e.g., NIST CSF, PCI DSS, ISO 27001, SOC 2, or equivalent).

• You have a deep understanding of how to balance business needs with security requirements, focusing on business outcomes and driving growth.
• You have 5+ years of experience engaging with customer and partner business, engineering, security, compliance, and legal teams as part of the go-to-market sales cycle.
• You have experience driving large-scale projects and programs from start to finish within highly complex operating environments.
• You have strong written and verbal communication skills, with the ability to build strong relationships at all levels of the organization, from executives to project teams.
• You have a proven track record of leading cross-functional teams and facilitating collaboration across different disciplines.
• You are adept at communicating clear and succinct security compliance controls and requirements with external parties.
• You have a strong analytical mindset, with the ability to identify and mitigate security risks.

## Nice to Have - Experience with cloud security platforms and technologies.

• Knowledge of compliance frameworks and regulations, such as GDPR, HIPAA, and PCI DSS.
• Familiarity with security auditing and risk assessment methodologies.
• Certification in information security, such as CISSP, CISM, or CRISC.
• Experience with automation tools and scripting languages, such as Python or PowerShell.

## Benefits and Perks - Competitive salary and equity package.

• Comprehensive health, dental, and vision insurance.
• Flexible PTO policy and parental leave.
• Access to professional development opportunities and conferences.
• Remote work stipend and equipment budget.
• Collaborative and dynamic work environment with a team of experienced professionals.
• Opportunities for career growth and advancement within the company.
• Recognition and reward for outstanding performance and contributions.

- Ensure your resume and cover letter highlight your experience with information security frameworks and practices, as well as your ability to communicate complex security concepts to non-technical stakeholders.

• Be prepared to provide specific examples of how you have driven large-scale security initiatives and collaborated with cross-functional teams in previous roles.
• Familiarize yourself with Stripe's products and services, as well as the company's approach to security and compliance.
• Develop a portfolio that showcases your expertise in security business enablement, including any relevant certifications, training, or publications.
• Practice your communication skills, particularly in presenting technical information to non-technical audiences, to excel in the interview process.
• Research the current market salary range for similar positions to ensure you are prepared for salary negotiations.
• Be cautious of companies that do not prioritize security or have a history of security breaches, as these can indicate a lack of investment in security measures.