Security GRC Program Manager - Remote

Overview

The Security GRC Program Manager will own the customer trust, security compliance, and assurance programs at Vanilla, ensuring the operational backbone for reliable shipping while maintaining customer trust.

In Short

• Lead customer due diligence questionnaire (DDQ) and RFP response process.
• Support enterprise sales with technical customer security discussions.
• Lead SOC 2 Type II audit preparation and evidence collection.
• Conduct third party vendor security assessments.
• Implement and manage third party tools and processes.
• Develop security narratives for new product functionality.
• Review and negotiate security and compliance language in contracts.
• Build customer-facing compliance artifacts.

Requirements

• 5+ years in a technical and/or security role with customer-facing experience.
• 3+ years in program management or customer trust within the tech industry.
• Proven track record in driving security processes.
• Strong attention to detail and organizational skills.
• Strong contract review and negotiation skills.
• Knowledge of security risks and vulnerabilities.
• Background in supporting customer audits.

Benefits

• Flexible paid time off policy and 10 paid holidays.
• Parental leave for full-time employees.
• Medical, dental, and vision benefits coverage.
• 401K eligibility after one month.
• Free estate planning documents.
• Budget for learning & development.
• Paid parking or transit for hybrid employees.