Senior Security Program Manager
United States | Remote
About Upstart
Upstart is a leading AI lending marketplace partnering with banks and credit unions to expand access to affordable credit. By leveraging Upstart's AI marketplace, Upstart-powered banks and credit unions can have higher approval rates and lower loss rates across races, ages, and genders, while simultaneously delivering the exceptional digital-first lending experience their customers demand. More than two-thirds of Upstart loans are approved instantly and are fully automated.
Upstart is a digital-first company, which means that most Upstarters live and work anywhere in the United States. However, we also have offices in San Mateo, California; Columbus, Ohio; and Austin, Texas.
Most Upstarters join us because they connect with our mission of enabling access to effortless credit based on true risk. If you are energized by the impact you can make at Upstart, we’d love to hear from you!
The Team
Are you interested in developing progressive solutions to advance Information Security Governance, Risk, and Compliance (GRC)? Do you believe we can automate and orchestrate our way out of legacy patterns of manual burden in GRC? Come join our Information Security team as our next Senior Security Program Manager to lead the way. Your function will be to build GRC solutions and work with key primary stakeholders that will mature Upstart. You'll collaborate with various Upstart teams to identify threats and risks to the organization, prioritize and manage security initiatives, drive programs, create new solutions, and mature existing workflows.
How you’ll make an impact:
- Partner with stakeholders (Business, Engineering, Application Security, Security Operations, Operations, Technology, Risk, Audit, Compliance, Legal) to align with strategic vision and goals.
- Develop, implement, and maintain GRC Programs that drive accountability across stakeholder teams to ensure security objectives are met.
- Automate and improve efficiency of Information Security processes and programs.
- Ensure compliance to Information Security policies and practices.
- Program manage strategic Information Security initiatives to mitigate major risks
- Lead GRC governance of programs such as Application Registration & Inventory, Identity & Access Management, Architectural Review Assessment, Application & Infrastructure Vulnerability Assessment, Multi-Factor Authentication, Suspicious Activity Detection, Information Security Third Party Risk Management, etc.
- Enhance the overall Information Security policy framework and support teams in creating standards, and procedures and
- Own the with ongoing security training & awareness programs.
- Monitor adherence to Information Security policies, procedures and control frameworks.
- Develop Key …
This job isn't fresh anymore!
Search Fresh JobsJob Profile
Regular on-site collaboration sessions
Benefits/PerksAnnual wellness, technology & ergonomic reimbursement programs Catered lunches + snacks & drinks Competitive compensation Comprehensive medical Comprehensive medical, dental, and vision coverage Employee stock purchase plan Equity Flexible work environment Generous holiday, vacation, sick and safety leave Health Savings Account contributions Impactful mission Life and Disability insurance Remote work Social activities Supportive parental, family care, and military leave programs
Tasks- Collaborate with stakeholders
- Ensure compliance
- Monitor Compliance
AI Application Security Automation CIS Coding Collaboration Communication Compliance Control Frameworks Digital-first Engineering GRC Information security ISO Lending marketplace Marketplace Multi-factor authentication NIST Operations Policy Writing Problem-solving Risk Analysis Risk Management Scripting Stakeholder management
Experience10 years
Education Certifications TimezonesAmerica/Anchorage America/Chicago America/Denver America/Los_Angeles America/New_York Pacific/Honolulu UTC-10 UTC-5 UTC-6 UTC-7 UTC-8 UTC-9