About Upstart
Upstart is a leading AI lending marketplace partnering with banks and credit unions to expand access to affordable credit. By leveraging Upstart's AI marketplace, Upstart-powered banks and credit unions can have higher approval rates and lower loss rates across races, ages, and genders, while simultaneously delivering the exceptional digital-first lending experience their customers demand. More than two-thirds of Upstart loans are approved instantly and are fully automated.
Upstart is a digital-first company, which means that most Upstarters live and work anywhere in the United States. However, we also have offices in San Mateo, California; Columbus, Ohio; and Austin, Texas.
Most Upstarters join us because they connect with our mission of enabling access to effortless credit based on true risk. If you are energized by the impact you can make at Upstart, we’d love to hear from you!
The Team
Are you interested in developing progressive solutions to advance Information Security Governance, Risk, and Compliance (GRC)? Do you believe we can automate and orchestrate our way out of legacy patterns of manual burden in GRC? Come join our Information Security team as our next Senior Security Program Manager to lead the way. Your function will be to build GRC solutions and work with key primary stakeholders that will mature Upstart. You'll collaborate with various Upstart teams to identify threats and risks to the organization, prioritize and manage security initiatives, drive programs, create new solutions, and mature existing workflows.
How you’ll make an impact:
- Partner with stakeholders (Business, Engineering, Application Security, Security Operations, Operations, Technology, Risk, Audit, Compliance, Legal) to align with strategic vision and goals.
- Develop, implement, and maintain GRC Programs that drive accountability across stakeholder teams to ensure security objectives are met.
- Automate and improve efficiency of Information Security processes and programs.
- Ensure compliance to Information Security policies and practices.
- Program manage strategic Information Security initiatives to mitigate major risks
- Lead GRC governance of programs such as Application Registration & Inventory, Identity & Access Management, Architectural Review Assessment, Application & Infrastructure Vulnerability Assessment, Multi-Factor Authentication, Suspicious Activity Detection, Information Security Third Party Risk Management, etc.
- Enhance the overall Information Security policy framework and support teams in creating standards, and procedures and
- Own the with ongoing security training & awareness programs.
- Monitor adherence to Information Security policies, procedures and control frameworks.
- Develop Key Risk Indicators (KRIs) to drive program adherence and deliver on overall program performance
What we’re looking for:
- At least 10+ years of GRC program management experience.
- Experience running GRC programs, including gathering and transforming requirements into actionable work items.
- Scripting and light coding ability to automate processes and integrations between systems is a plus.
- Ability to prioritize and multitask effectively.
- Demonstrated ability to effectively cross collaborate with stakeholder teams.
- Strong communication and documentation skills.
- Experience influencing others without having direct management authority and motivating them to successfully complete tasks within required timelines.
- Strong risk analysis and problem-solving skills.
- Ability to write and manage Information Security policies.
- Experience/familiarity with standard control frameworks, such as NIST, ISO, CIS, etc.
- Current and active certification in Information Security (CISA, CISM, CISSP, etc.).
- Ability to interpret cybersecurity regulations and assess compliance.
Position Location - This role is available in the following locations: Remote, San Mateo, Columbus
Time Zone Requirements - This team operates on the East/West Coast time zones.
Travel Requirements - This team has regular on-site collaboration sessions. These occur a few days per Quarter at the San Mateo office. If you need to travel to make these meetups, Upstart will cover all travel related expenses.
What you'll love:
- Competitive Compensation (base + bonus & equity)
- Comprehensive medical, dental, and vision coverage with Health Savings Account contributions from Upstart
- 401(k) with 100% company match up to $4,500 and immediate vesting and after-tax savings
- Employee Stock Purchase Plan (ESPP)
- Life and disability insurance
- Generous holiday, vacation, sick and safety leave
- Supportive parental, family care, and military leave programs
- Annual wellness, technology & ergonomic reimbursement programs
- Social activities including team events and onsites, all-company updates, employee resource groups (ERGs), and other interest groups such as book clubs, fitness, investing, and volunteering
- Catered lunches + snacks & drinks when working in offices
At Upstart, your base pay is one part of your total compensation package. The anticipated base salary for this position is expected to be within the below range. Your actual base pay will depend on your geographic location–with our “digital first” philosophy, Upstart uses compensation regions that vary depending on location. Individual pay is also determined by job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.
In addition, Upstart provides employees with target bonuses, equity compensation, and generous benefits packages (including medical, dental, vision, and 401k).
United States | Remote - Anticipated Base Salary Range
$162,100—$224,500 USD
Upstart is a proud Equal Opportunity Employer. We are dedicated to ensuring that underrepresented classes receive better access to affordable credit, and are just as committed to embracing diversity and inclusion in our hiring practices. We celebrate all cultures, backgrounds, perspectives, and experiences, and know that we can only become better together.
If you require reasonable accommodation in completing an application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please email [email protected]
https://www.upstart.com/candidate_privacy_policy
What the Team is Saying
What We Do
Upstart is the leading AI lending marketplace, connecting millions of consumers to more than 100 banks and credit unions that leverage Upstart’s AI models and cloud applications to deliver superior credit products. With Upstart's AI, lenders can approve more borrowers at lower rates across races, ages, and genders, while delivering the exceptional digital-first experience customers demand. More than 80% of borrowers are approved instantly, with zero documentation to upload. Founded in 2012, Upstart’s platform includes personal loans, automotive retail and refinance loans, home equity lines of credit, and small-dollar “relief” loans.
If you are energized by the impact you think you could make at Upstart, we'd love to hear from you!
Why Work With Us
Connection to our mission creates a special environment where people feel passionately about the impact they make in the world. Upstart is fast-paced, and we encourage ownership at all levels of the organization. As a result, culture at Upstart is driven by Upstarters. Upstarters are proactive, talented, multi-dimensional and collaborative.
Gallery
Upstart Offices
Remote Workspace
Employees work remotely.
Upstart has a digital-first model enabling most Upstarters can live and work anywhere in the U.S. We also offer in-person options from our office locations in San Mateo, California; Columbus, Ohio; and Austin, Texas.
