Information Security Program Manager – Governance, Risk, Compliance
Posted 2026-05-06
Remote, USA
Full-time
Immediate Start
Job Description:
- Enable teams to move faster and more securely by acting as a trusted GRC partner, translating audit, risk, and compliance requirements into practical guidance.
- Ensure audit readiness and successful outcomes by coordinating core assurance activities, including SOX IT and SOC 2, across engineering, IT, and business teams.
- Protect customer and partner trust by managing security due diligence requests from prospective and existing business partners, delivering clear and timely responses.
- Strengthen security governance by owning policy management, including drafting, maintaining, reviewing, and driving awareness of information security policies and standards.
- Reduce third-party risk by supporting and executing the information security third-party risk management program, including vendor assessments, risk tracking, and remediation follow-up.
- Improve the efficiency and consistency of GRC operations through process improvement and thoughtful use of automation and tooling.
Requirements:
- 5+ years of experience in information security, GRC, or IT/Information Security audit.
- Demonstrated experience operating GRC programs (supporting audits, risk assessments, control testing activities, policy management, third-party security risk) in a regulated technology or financial services environment.
- Working knowledge and ability to apply common security and compliance frameworks (SOC 2, NIST CSF 2.0, NIST SSDF, NYDFS, etc.).
- Strong written and verbal communication skills with both technical and non-technical audiences.
- Ability to design metrics, KRIs, and reporting for diverse stakeholders.
Benefits:
- Competitive compensation, including base pay, bonus opportunities, and annual equity grants that vest quarterly
- Generous 401(k) plan with Upstart matching $2 for every $1 contributed, up to $15,000 per year
- Employee Stock Purchase Plan (ESPP) with discounted stock purchase options for eligible employees
- Affordable medical, dental, and vision coverage, with multiple plan options - Upstart covers 90% to 100% of the cost depending on the plans you choose
- Health Savings Account contributions from Upstart for eligible plans
- Income protection benefits, including company-paid Basic Life, AD&D, and Short- and Long-Term Disability coverage, with options to purchase supplemental coverage
- Paid time off, sick and safe time, and company holidays
- Paid family and parental leave to support caregiving and major life moments
- Family-centered benefits through Carrot and Cleo, supporting fertility, parenthood, and caregiving
- Employee Assistance Program (EAP) offering mental health support and life-centered resources
- Financial wellness resources, including access to financial planning tools and a financial concierge service
- Annual wellness allowance to support your physical and emotional well-being and personal development, based on what matters most to you
- Annual productivity allowance to invest in relevant tools and resources you need to do your best work, no matter where you work from
- Connection and community through team events and onsites, all-company updates, and employee resource groups (ERGs)
- Onsite perks, including catered lunches and fully stocked micro-kitchens when working from one of our four offices, located in the Bay Area, Austin, Columbus, and New York City (opening Summer 2026!).