Security Program Manager

Summary

Join Earnest as a Security Program Manager and contribute to our mission of making higher education accessible and affordable. Align security policies with compliance requirements (GLBA, FFIEC, NY DFS, SOC 2, SOX). Lead and refine security governance, risk, and compliance processes. Lead high-impact security and compliance projects. Facilitate scrum ceremonies and oversee the Security Champions program. Oversee vendor and third-party assessments. This role offers a competitive salary ($197,000-$246,000 USD), remote work flexibility with monthly Oakland office visits, and a comprehensive benefits package.

Requirements

• At least 7 years of relevant experience in information security, compliance, risk management, or program management, with the ability to contribute at both strategic and tactical levels
• A minimum of 1 year experience managing complex security compliance functions and ensuring successful execution of key initiatives
• Deep expertise in audit processes and security compliance frameworks such as GLBA, FFIEC, NY DFS, SOC 2, and SOX
• Proven track record of leading cross-functional initiatives and managing complex projects from inception to completion
• Strong understanding of cloud-native technologies (e.g., AWS, Kubernetes) and modern CI/CD workflows
• Willingness to travel to the Oakland office monthly to collaborate with other Earnies

Responsibilities

• Align security policies and controls with applicable compliance requirements (e.g., GLBA, FFIEC, NY DFS, SOC 2, SOX)
• Lead and refine security governance, risk, and compliance processes, including the production of regular program status reports
• Lead high-impact security and compliance projects with cross-team dependencies, ensuring timely and successful completion
• Facilitate scrum ceremonies within the security team to foster a shared understanding of security objectives and initiatives
• Oversee the Security Champions program, driving security awareness and participation throughout the organization
• Overseeing vendor and third-party assessments to ensure compliance with security requirements

Preferred Qualifications

Relevant certifications such as CISSP, CISM, CISA or CRISC are a plus

Benefits

• Health, Dental, & Vision benefits plus savings plans
• Mac computers + work-from-home stipend to set up your home office
• Monthly internet and phone reimbursement
• Employee Stock Purchase Plan
• Restricted Stock Units (RSUs)
• 401(k) plan to help you save for retirement plus a company match
• Robust tuition reimbursement program
• $1,000 travel perk on each Earnie-versary to anywhere in the world
• Competitive days of annual PTO
• Competitive parental leave