Job Description
Job Description: • Enable teams to move faster and more securely by acting as a trusted GRC partner, translating audit, risk, and compliance requirements into practical guidance. • Ensure audit readiness and successful outcomes by coordinating core assurance activities, including SOX IT and SOC 2, across engineering, IT, and business teams. • Protect customer and partner trust by managing security due diligence requests from prospective and existing business partners, delivering clear and timely responses. • Strengthen security governance by owning policy management, including drafting, maintaining, reviewing, and driving awareness of information security policies and standards. • Reduce third-party risk by supporting and executing the information security third-party risk management program, including vendor assessments, risk tracking, and remediation follow-up. • Improve the efficiency and consistency of GRC operations through process improvement and thoughtful use of automation and tooling. Requirements: • 5+ years of experience in information security, GRC, or IT/Information Security audit. • Demonstrated experience operating GRC programs (supporting audits, risk assessments, control testing activities, policy management, 3rd party security risk) in a regulated technology or financial services environment. • Working knowledge and ability to apply common security and compliance frameworks (SOC 2, NIST CSF 2.0, NIST SSDF, NYDFS, etc.). • Strong written and verbal communication skills with both technical and non-technical audiences. • Ability to design metrics, KRIs, and reporting for diverse stakeholders. Benefits: • Competitive compensation, including base pay, bonus opportunities, and annual equity grants that vest quarterly • Generous 401(k) plan with Upstart matching $2 for every $1 contributed, up to $15,000 per year • Employee Stock Purchase Plan (ESPP) with discounted stock purchase options for eligible employees • Affordable medical, dental, and vision coverage, with multiple plan options - Upstart covers 90% to 100% of the cost depending on the plans you choose • Health Savings Account contributions from Upstart for eligible plans • Income protection benefits, including company-paid Basic Life, AD&D, and Short- and Long-Term Disability coverage, with options to purchase supplemental coverage • Paid time off, sick and safe time, and company holidays • Paid family and parental leave to support caregiving and major life moments • Family-centered benefits through Carrot and Cleo, supporting fertility, parenthood, and caregiving • Employee Assistance Program (EAP) offering mental health support and life-centered resources • Financial wellness resources, including access to financial planning tools and a financial concierge service • Annual wellness allowance to support your physical and emotional well-being and personal development, based on what matters most to you • Annual productivity allowance to invest in relevant tools and resources you need to do your best work, no matter where you work from • Connection and community through team events and onsites, all-company updates, and employee resource groups (ERGs) • Onsite perks, including catered lunches and fully stocked micro-kitchens when working from one of our four offices, located in the Bay Area, Austin, Columbus, and New York City (opening Summer 2026!).