Security GRC Program Manager jobs in United States

Vanilla · 20 hours ago

Security GRC Program Manager

Vanilla is a startup focused on modernizing estate planning through an AI-powered platform. They are seeking a Security GRC Program Manager to oversee customer trust and security compliance programs, ensuring reliable operations while maintaining customer trust in handling sensitive financial data.

Artificial Intelligence (AI), Financial Services, FinTech, Information Technology, Software, Wealth Management
No H1B

Responsibilities

Lead customer due diligence questionnaire (DDQ) and RFP response process and third-party risk management process; track and manage high volume of DDQ and RFP requests. Coordinate and collaborate with internal teams to meet tight deadlines. Handle a high volume of requests and interactions in a fast-paced environment
Support enterprise sales with technical customer security discussions
Lead SOC 2 Type II audit preparation, evidence collection, and remediation
Conduct third party vendor security assessments, collaborate on third party risk management processes
Implement and manage third-party tools and new processes to create efficiencies
Develop the security narrative and conduct security reviews for new product functionality to enable GTM
Review and negotiate security and compliance language in customer contracts in collaboration with Legal team
Build and manage Trust Center integrations and public-facing security documentation in collaboration with Legal team
Build customer-facing compliance artifacts (security whitepapers, certifications)

Qualification

Security compliance, Program management, SOC 2 audit, Customer trust, Contract negotiation, Risk management, Judgement, Prioritization, Attention to detail, Organizational skills

Required

Minimum of 5 years in a technical and/or security role with customer facing experience
Minimum of 3 years experience in program management, customer trust, or DDQ/RFP management within the tech industry with highly regulated customers
Proven track record in driving security processes and operational plans
Requires strong attention to detail, organizational skills, good judgement, and the ability to prioritize tasks, manage timelines, and meet tight deadlines
Strong contract review and negotiation skills related to security and compliance
Knowledge of security risks, vulnerabilities, and threat management
Background in supporting customer audits and engagements

Preferred

Experience in fintech, healthtech, or regulated industries
Prior experience at Series B-D companies scaling security compliance programs
Demonstrable experience implementing tools to drive and streamline DDQ processes

Benefits

Flexible paid time off policy and 10 company-wide paid holidays
Parental leave, 4 weeks for all full-time employees and up to 12 weeks for birthing parents
Medical, dental, and vision benefits coverage for employees and their families
401K eligibility after one month of employment
Free estate planning documents
Budget for learning & development and home office setup
Paid parking or transit for hybrid and in office employees

Company

Vanilla

Vanilla is an estate planning software platform designed for financial advisors, estate planners, and family offices.

Funding

Current Stage: Growth Stage
Total Funding: $81.4M
Key Investors: Insight Partners, Venrock
2024-08-15: Series B · $35M
2022-04-28: Series B · $30M
2021-08-30: Series A · $11.6M

Leadership Team

Amjad Hussain
Advisor
Company data provided by crunchbase