Who we are

About Stripe

Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.

About the team

The Stripe Security team is dedicated to improving the security of Stripe and its users. Our users trust us with some of their most sensitive information, and we make security a first-class consideration in everything we do. Security concerns are ever-evolving, creating an extremely dynamic environment for the Security team.

The goal of the Security Business Enablement team at Stripe is to build trust with our current and prospective customers and partners.  We support Sales, Marketing, Legal, Privacy, and Security teams, directly engaging with our customers and partners to communicate and represent the security activities performed by hundreds of employees and thousands of processes across our suite of products and services.  We build and operate the tools and platforms necessary to scale our resources across millions of users.

What you’ll do

The Security Business Enablement Program Manager position will be part of Stripe’s Office of the CISO pillar.  You will represent all of Stripe directly to our customers and partners, facilitate conversations with Legal and Security teams, and identify opportunities to enhance our coverage and scalability with tooling and automation.

Responsibilities:

• Function as an information security subject matter expert and lead cross-functional teams to engage with customers and partners to build trust and grow our business
• Serve as the main point of contact for all go-to-market related requests
• Operate autonomously leading large-scale efforts to implement and operating tooling and automation across multiple teams and functions, with stakeholders in different disciplines and time zones
• Identify and evaluate information security control gaps and oversee remediation efforts, in partnership with controls owners
• Develop information security policies and standards based on cybersecurity framework guidelines
• Develop, define, and report on the team’s program health and success metrics to provide insights to management to help drive strategic direction

Who you are

We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.

Minimum requirements

• You are a subject matter expert in information security frameworks, practices, policies, standards and procedures (e.g. NIST CSF, PCI DSS, ISO 27001/2 or equivalent) 
• You understand how to balance business needs with security requirements and focus on business outcomes
• You have 5+ years engaging with customer and partner business, engineering, security, compliance, and legal teams as part of the go-to-market sales cycle
• You have experience driving mid to large-scale projects and programs from start to finish within highly complex operating environments
• You have strong written and verbal communication skills, building strong relationships at all levels of the organization from executives to project teams

You possess a strong background in information security operations, risks and controls identification, and assessment

• You are a critical thinker, passionate, self-driven, and detail-oriented

Preferred qualifications

• You communicate clear and succinct security compliance controls and requirements with external Stripe stakeholders, including security counter-parties at global financial institutions
• You have developed reports on program performance via dashboards and OKRs, and perform basic data analysis
• You have experience working with engineers for the automation of  security controls