Remote Information Security Program Manager

About The Position

Requirements

• 5+ years of experience in information security, GRC, or IT/Information Security audit.
• Demonstrated experience operating GRC programs in a regulated technology or financial services environment.
• Working knowledge of security and compliance frameworks such as SOC 2 and NIST CSF 2.0.
• Strong written and verbal communication skills for interacting with technical and non-technical audiences.
• Ability to design metrics and reporting for various stakeholders.

Responsibilities

• Act as a trusted GRC partner translating audit, risk, and compliance requirements into actionable guidance.
• Coordinate core assurance activities for SOX IT and SOC 2 across diverse teams to ensure audit readiness and successful outcomes.
• Manage security due diligence requests to protect customer and partner trust with clear and timely responses.
• Own policy management including drafting, maintaining, and reviewing information security policies and standards.
• Support the information security third-party risk management program to reduce third-party risks.
• Enhance GRC operations through process improvements and effective use of automation and tooling.

Benefits

• Competitive compensation including base pay and annual equity grants.
• Generous 401(k) plan with up to $15,000 in company matching.
• Affordable medical, dental, and vision coverage with significant cost coverage by the company.
• Paid time off, sick and safe leave, and company holidays.
• Paid family and parental leave for caregiving and significant life events.
• Employee Assistance Program (EAP) offering mental health support.
• Annual wellness and productivity allowances to support personal and professional growth.