Information Security Program Manager - GRC jobs in United States

Upstart · 3 hours ago

Information Security Program Manager - GRC

Upstart is an AI lending marketplace focused on reducing the cost and complexity of borrowing for Americans. The Information Security GRC Program Manager will own and execute GRC programs to protect customer trust and support regulatory requirements while collaborating with technical and business partners to assess risk and embed security practices into operations.

Artificial Intelligence (AI), Automotive, Consumer Lending, Credit, Financial Services, FinTech, Lending, Machine Learning, Personal Finance

H1B Sponsor Likely

Responsibilities

Enable teams to move faster and more securely by acting as a trusted GRC partner, translating audit, risk, and compliance requirements into practical guidance
Ensure audit readiness and successful outcomes by coordinating core assurance activities, including SOX IT and SOC 2, across engineering, IT, and business teams
Protect customer and partner trust by managing security due diligence requests from prospective and existing business partners, delivering clear and timely responses
Strengthen security governance by owning policy management, including drafting, maintaining, reviewing, and driving awareness of information security policies and standards
Reduce third-party risk by supporting and executing the information security third-party risk management program, including vendor assessments, risk tracking, and remediation follow-up
Improve the efficiency and consistency of GRC operations through process improvement and thoughtful use of automation and tooling

Qualification

Information Security, GRC Programs, Security Frameworks, Audit Coordination, Policy Management, Cloud Environments, GRC Automation Tools, Relevant Certifications, Scripting Skills, Process Improvement, Communication Skills

Required

5+ years of experience in information security, GRC, or IT/Information Security audit
Demonstrated experience operating GRC programs (supporting audits, risk assessments, control testing activities, policy management, 3rd party security risk) in a regulated technology or financial services environment
Working knowledge and ability to apply common security and compliance frameworks (SOC 2, NIST CSF 2.0, NIST SSDF, NYDFS, etc.)
Strong written and verbal communication skills with both technical and non-technical audiences
Ability to design metrics, KRIs, and reporting for diverse stakeholders

Preferred

Experience in cloud-native environments (AWS preferred)
Experience using GRC automation tools
Relevant certifications (CISSP, CISA, CRISC, CISM)
Scripting or light coding skills to automate workflows and system integrations are a plus
Familiarity with privacy and data protection requirements (e.g., GDPR, CCPA)

Benefits

Competitive compensation, including base pay, bonus opportunities, and annual equity grants that vest quarterly
Generous 401(k) plan with Upstart matching $2 for every $1 contributed, up to $15,000 per year
Employee Stock Purchase Plan (ESPP) with discounted stock purchase options for eligible employees
Affordable medical, dental, and vision coverage, with multiple plan options - Upstart covers 90% to 100% of the cost depending on the plans you choose
Health Savings Account contributions from Upstart for eligible plans
Income protection benefits, including company-paid Basic Life, AD&D, and Short- and Long-Term Disability coverage, with options to purchase supplemental coverage
Paid time off, sick and safe time, and company holidays
Paid family and parental leave to support caregiving and major life moments
Family-centered benefits through Carrot and Cleo, supporting fertility, parenthood, and caregiving
Employee Assistance Program (EAP) offering mental health support and life-centered resources
Financial wellness resources, including access to financial planning tools and a financial concierge service
Annual wellness allowance to support your physical and emotional well-being and personal development, based on what matters most to you
Annual productivity allowance to invest in relevant tools and resources you need to do your best work, no matter where you work from
Connection and community through team events and onsites, all-company updates, and employee resource groups (ERGs)
Onsite perks, including catered lunches and fully stocked micro-kitchens when working from one of our four offices, located in the Bay Area, Austin, Columbus, and New York City (opening Summer 2026!)

Company

Upstart (NASDAQ: UPST) is a leading AI lending marketplace partnering with banks and credit unions to expand access to affordable credit.

H1B Sponsorship

Upstart has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for reference. (Data powered by US Department of Labor)
Trends of Total Sponsorships
2025 (68)
2024 (67)
2023 (85)
2022 (85)
2021 (42)
2020 (15)

Funding

Current Stage: Public Company
Total Funding: $3.36B
Key Investors: Castlelake, Progressive, Rakuten
2025-11-06 Post-IPO Debt · $1.5B
2025-09-05 Post-IPO Debt · $320M
2025-08-12 Post-IPO Debt · $600M

Leadership Team

Dave Girouard, Founder & CEO
Paul Gu, Co-Founder

Company data provided by Crunchbase