Enterprise Risk Management Program Manager
Stripe
Who we are
About Stripe
Stripe is a financial infrastructure platform for businesses. Millions of companies - from the world’s largest enterprises to the most ambitious startups - use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.
About the team
As a regulated business, our second line of defense team plays a critical role in ensuring Stripe is effectively trained and aware of our top risks and regulatory obligations. In this role you will help to ensure that Stripe continues to promote a culture of risk and compliance. You will play a key role in the development and evolution of Stripe’s risk and regulatory compliance programs.
The Compliance Program and ERM Oversight team is part of the second line of defense focused on enabling Stripe to meet its regulatory and partner requirements for Enterprise Risk Management Activities. We work across Stripe’s global teams to drive the maturation and adoption of the ERM program through the development, implementation, oversight and reporting of Risk Management Activities, primarily Risk Assessment, Risk Appetite and Issue Management.
What you’ll do
You will be responsible for evolving and transforming Stripe’s ERM program frameworks across the risk management lifecycle, from establishing mechanisms for emerging risk identification to refining risk assessment processes and methodologies to building robust yet customizable risk reporting. You’ll facilitate and oversee constituent processes, such as issues and incident management, and help ensure they directly inform risk monitoring and assessment efforts. Given Stripe’s global presence, your role will involve designing, implementing, and managing these as flexible and scalable solutions with diverse communication strategies. You will also utilize tailored outreach and effective training to drive adoption and foster a culture of risk awareness. Finally, you will work closely with ERM data analysts to identify and create key risk indicators (KRIs) and monitoring tools that improve the understanding and management of risks.
Responsibilities:
- Help drive the maturation and adoption of the ERM program across the organization, ensuring alignment on vision, executing on a multi-year roadmap, embedding foundational elements, and ensuring adherence to industry best practices, network/partner standards and requirements, and regulatory expectations
- This role involves project management, managing ERM processes, and developing enterprise-wide policies, while facilitating the implementation and integration of risk management principles throughout the organization
- Contribute to and assist with the preparation of management and board committee reporting
- Lead and enhance the Risk and Control Self-Assessment (RCSA) program, taking ownership of processes, documentation, and risk mitigation efforts. Collaborate with the second and first lines of defense (2LoD and 1LoD) to conduct dynamic risk assessments, identify key risks, prioritize risk drivers, and implement effective treatment strategies. Oversee the tracking of action plans to ensure proper risk management across global and entity-level operations.
- Manage the risk acceptance process by designing and coordinating acceptance procedures, ensuring thorough evaluation and documentation of acceptances, facilitating formal approvals, and maintaining clear communication of accepted risks and implications to relevant stakeholders
- Facilitate the development and deployment of a risk appetite framework. Collaborate with key stakeholders from the First and Second Lines of Defense to determine risk appetite tolerances and document statements in alignment with organizational objectives. Establish monitoring mechanisms by identifying metrics and KRIs, oversee procedures for breaches, and ensure clear communication on risk tolerance to stakeholders.
- Sustain and embed issues management and incident management, driving consistency and quality of documentation and process application across the Enterprise
- Coordinate and ensure program integration with assurance and monitoring, audit, and 1LoD risk management functions
- Promote a positive risk-aware culture through training, communication, and understanding of best practices
- Keep abreast of industry trends, regulatory changes, and emerging risks to proactively identify potential threats and opportunities and evolve the risk management framework to align with changing business and regulatory practices
Who you are
We’re looking for an Enterprise Risk Management (ERM) Program Manager (PgM) to mature and manage the second line of defense ERM program and framework. This role will be instrumental in driving Stripe’s global enterprise risk management efforts, with direct impact across the company globally. The successful candidate will be responsible for innovation, governance, and management necessary to help the business identify, evaluate, mitigate, and monitor the company's most material risks.
Minimum requirements
- 10+ years of professional experience in compliance, enterprise risk management, business process analysis, strategy and operations, consulting, and/or program management with
- Knowledge and understanding of risk management frameworks, risk assessment methodologies, risk mitigation and response practices, and control library management
- Familiarity with risks that global fintechs with a wide range of payments and consumer products face
- Strong critical thinking and analytical skills, and the ability to distill complex, ambiguous risk and policy problems into clear, concise, and reliable conclusions
- Highly detail-oriented, organized, with strong cross-functional project management skills and a proven record of standing up and overseeing programs
- Proven stakeholder management, including navigating difficult situations, negotiating timelines, and influencing stakeholders across organizations and borders
- Excellent written and verbal communication skills, with a demonstrated aptitude for communicating clearly and effectively to a wide array of audiences, including senior management
- Excellent executive management and board-level reporting skills
- Comfort with ambiguity and fast-paced environments, along with an ability to adapt as needed
Preferred qualifications
- At least 3 years of experience in the FinTech or financial services industry
- Experience working with GRC solutions
This role is available either in an office or a remote location (typically, 35+ miles or 56+ km from a Stripe office).
Office-assigned Stripes spend at least 50% of the time in a given month in their local office or with users. This hits a balance between bringing people together for in-person collaboration and learning from each other, while supporting flexibility about how to do this in a way that makes sense for individuals and their teams.
A remote location, in most cases, is defined as being 35 miles (56 kilometers) or more from one of our offices. While you would be welcome to come into the office for team/business meetings, on-sites, meet-ups, and events, our expectation is you would regularly work from home rather than a Stripe office. Stripe does not cover the cost of relocating to a remote location. We encourage you to apply for roles that match the location where you currently or plan to live.
The annual US base salary range for this role is $158,000 - $237,000. For sales roles, the range provided is the role’s On Target Earnings ("OTE") range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role. This salary range may be inclusive of several career levels at Stripe and will be narrowed during the interview process based on a number of factors, including the candidate’s experience, qualifications, and location. Applicants interested in this role and who are not located in the US may request the annual salary range for their location during the interview process.
Additional benefits for this role may include: equity, company bonus or sales commissions/bonuses; 401(k) plan; medical, dental, and vision benefits; and wellness stipends.
Office locations
New York
Remote locations
Remote in United States
Job type
Full time