Job Description:
• Enable teams to move faster and more securely by acting as a trusted GRC partner, translating audit, risk, and compliance requirements into practical guidance.
• Ensure audit readiness and successful outcomes by coordinating core assurance activities, including SOX IT and SOC 2, across engineering, IT, and business teams.
• Protect customer and partner trust by managing security due diligence requests from prospective and existing business partners, delivering clear and timely responses.
• Strengthen security governance by owning policy management, including drafting, maintaining, reviewing, and driving awareness of information security policies and standards.
• Reduce third-party risk by supporting and executing the information security third-party risk management program, including vendor assessments, risk tracking, and remediation follow-up.
• Improve the efficiency and consistency of GRC operations through process improvement and thoughtful use of automation and tooling.
Requirements:
• 5+ years of experience in information security, GRC, or IT/Information Security audit.
• Demonstrated experience operating GRC programs (supporting audits, risk assessments, control testing activities, policy management, third-party security risk) in a regulated technology or financial services environment.
• Working knowledge and ability to apply common security and compliance frameworks (SOC 2, NIST CSF 2.0, NIST SSDF, NYDFS, etc.).
• Strong written and verbal communication skills with both technical and non-technical audiences.
• Ability to design metrics, KRIs, and reporting for diverse stakeholders.
Benefits:
• Competitive compensation, including base pay, bonus opportunities, and annual equity grants that vest quarterly
• Generous 401(k) plan with Upstart matching $2 for every $1 contributed, up to $15,000 per year
• Employee Stock Purchase Plan (ESPP) with discounted stock purchase options for eligible employees
• Affordable medical, dental, and vision coverage, with multiple plan options - Upstart covers 90% to 100% of the cost depending on the plans you choose
• Health Savings Account contributions from Upstart for eligible plans
• Income protection benefits, including company-paid Basic Life, AD&D, and Short- and Long-Term Disability coverage, with options to purchase supplemental coverage
• Paid time off, sick and safe time, and company holidays
• Paid family and parental leave to support caregiving and major life moments
• Family-centered benefits through Carrot and Cleo, supporting fertility, parenthood, and caregiving
• Employee Assistance Program (EAP) offering mental health support and life-centered resources
• Financial wellness resources, including access to financial planning tools and a financial concierge service
• Annual wellness allowance to support your physical and emotional well-being and personal development, based on what matters most to you
• Annual productivity allowance to invest in relevant tools and resources you need to do your best work, no matter where you work from
• Connection and community through team events and onsites, all-company updates, and employee resource groups (ERGs)
• Onsite perks, including catered lunches and fully stocked micro-kitchens when working from one of our four offices, located in the Bay Area, Austin, Columbus, and New York City (opening Summer 2026!).