Sr. Security GRC Manager - Remote
Santa Clara, CA, United States
Company Description
PayNearMe develops technology to facilitate the end-to-end customer payment experience, making it easy for businesses to accept, disburse and manage payments. Our modern and reliable platform lowers the total cost of payments by increasing acceptance rates, driving self-service and simplifying exceptions. We future-proof our clients’ payments roadmap by including all payment types and channels through a single contract and integration. With PayNearMe, businesses can transform the outdated systems holding them back from achieving progress.
PayNearMe has over 200 employees, closed a $45M Series D round in June 2023, and is processing over $1B in payments monthly. We’re headquartered in Silicon Valley with our employees distributed all across the U.S. Help us solve our clients’ biggest payment problems.
We are seeking a detail-oriented and proactive Sr. Security GRC Manager to join our team. This role is responsible for identifying, assessing, and mitigating information technology and information security risks. The Sr. Security GRC Manager will work closely with various departments to ensure compliance with industry standards and regulatory requirements, while also helping to protect the company’s information assets and maintain the integrity of our payment platform.
The Sr. Security GRC Manager will play a crucial role in safeguarding PayNearMe’s information assets and ensuring the security and integrity of our payment platform. By effectively managing IT/IS risks, the specialist will help maintain our company’s reputation for data safety and regulatory compliance, supporting our mission to provide secure and reliable payment solutions.
Job Description
- Identify, assess, and mitigate information security risks across the organization.
- Maintain and execute a comprehensive IT/IS risk management program.
- Conduct risk assessments to ensure compliance with industry standards and regulatory requirements.
- Collaborate with internal teams to implement risk mitigation strategies and controls.
- Monitor and analyze technology and security control effectiveness to identify risks and areas for improvement.
- Develop and maintain risk management policies, procedures, and documentation.
- Provide training and guidance to employees on IT/IS risk management best practices.
- Stay current with emerging trends and developments in IT/IS risk management.
- Prepare and present risk reports to senior management and other stakeholders.
Qualifications
- Bachelor’s degree in Computer Science, Information Security, Risk Management, or a related field, or equivalent practical experience.
- 5+ years of experience implementing and managing IT/IS risk management frameworks (ISO27001, NIST, COBIT, COSO, BASEL II)
- Strong understanding of risk management principles, practices, and frameworks.
- Experience conducting assessments and control evaluation with information security regulations and industry standards (e.g. GLBA, FFIEC Guidelines, 12 CFR 30 Part B).
- Proficiency with risk management tools and software (i.e. Archer, ServiceNow).
- Demonstrated experience in developing and implementing risk frameworks and conducting risk and control self-assessments (RCSA).
- Demonstrated ability to apply GLBA, BASEL, and/or FFIEC Guidelines to a security risk framework.
- Excellent analytical and problem-solving skills.
- Strong communication and interpersonal skills.
- Ability to work independently and as part of a team.
- Strong attention to detail and organizational skills.
Preferred Qualifications:
- Relevant certifications (e.g., ITIL, CRISC, CISSP, CISM).
- Experience in the financial technology sector with a publicly traded company.
- Knowledge of cloud security and understanding of cloud platforms (e.g., AWS, Azure, Google Cloud).
- Familiarity with data protection laws and regulations (e.g., GDPR, CCPA, HIPAA).
Additional Information
Benefits
- Base salary per year (paid semi-monthly)
- Fast-paced and professional work culture
- Stock options with standard startup vesting - 1 year cliff; 4 years total
- $50 monthly communication expense stipend to go towards your phone/internet bill
- $250 stipend to enhance your WFH setup
- Reimbursement for peripheral equipment: monitor (up to $400), keyboard and mouse (up to $200)
- Premium medical benefits including vision and dental (100% coverage for employees)
- Company-sponsored life and disability insurance
- Paid parental bonding leave
- Paid sick leave, jury duty, bereavement
- 401k plan
- Flexible Time Off (our team members typically take off ~3-4 weeks per year)
- Volunteer Time Off
- 13 scheduled holidays
- 4-6x / year in-person team meet-ups
Salary Range: $140,000 - 180,000
PayNearMe strives to create a workplace where all employees thrive. Our core values represent who we are today and we take pride in the way we work with each other as well as with our stakeholders.
We’re in this together to do the right thing. We deliver real results we are proud of while remaining respectful, transparent, and flexible.
PayNearMe is an equal opportunity employer. We are diligently and thoughtfully working towards cultivating a diverse workforce which in turn, enhances our products and services for the communities we serve. Applicants who represent all backgrounds are strongly encouraged to apply.
—
Candidate information will be treated in accordance with our job applicant privacy notice found at: https://home.paynearme.com/ccpa-privacy-notice-jobs-employees/
Assistance for Disabled Applicants
Alternative formats of this Notice are available to individuals with a disability. Please let us know if you need assistance.
All your information will be kept confidential according to EEO guidelines.