Demo
Salary Resume Critique Job Openings

Staff / Senior Security GRC Engineer

Ripple
San Francisco, CA Full Time
POSTED ON 3/7/2025
AVAILABLE BEFORE 5/26/2025

Ripple

Ripple is the leading provider of cross-border payment and digital asset custody solutions. Discover how we help drive impact with blockchain for businesses.

At Ripple, we're building a world where value moves like information does today. It's big, it's bold, and we're already doing it. Through our crypto solutions for financial institutions, businesses, governments and developers, we are improving the global financial system and creating greater economic fairness and opportunity for more people, in more places around the world. And we get to do the best work of our career and grow our skills surrounded by colleagues who have our backs.

If you're ready to see your impact and unlock incredible career growth opportunities, join us, and build real world value.

THE WORK :

Through our blockchain technology and rapidly growing network of financial institutions, Ripple is looking for passionate Information Security professionals to build a world-class Information Security program. In this critical role, you will be responsible for driving operational excellence through automation within the GRC program. It requires a deep understanding of all areas of GRC with technical program management experience and knowledge of cloud, API integration and information security technologies.

WHAT YOU'LL DO :

  • Identify, assess, and prioritize information security risks across the organization, aligning with business objectives and risk appetite.
  • Develop and maintain a comprehensive risk repository, ensuring all identified risks are documented, tracked, and regularly updated.
  • Partner with stakeholders to analyze technical and business impacts of identified risks and recommend appropriate mitigation strategies.
  • Facilitate and lead risk assessment processes.
  • Remain up to date on current security laws, regulations, and standards (SOC2, ISO 27001, NYDFS, PSD2, MAS, DORA, CBI, MICA, etc.).
  • Represent the Infosec GRC team by actively engaging in projects and providing guidance, requirements, and documentation when requested.
  • Participate in designing and implementing technical solutions on how to optimize, automate, and monitor GRC processes such as control testing, evidence collection, workflows, and risk management activities.
  • Provide technical GRC guidance to Information Security and Engineering teams.
  • Participate in the configuration and administration of the program via integrated GRC tools.
  • Mentor and grow the GRC team while fostering an innovative, healthy, and productive team culture.
  • Build strong partnerships with technical and business leaders to align team resources with company priorities and strategic goals.
  • Develop and manage end-to-end technical GRC projects, establishing clear metrics and milestones to track progress and ensure timely delivery.
  • Develop and maintain dashboards to provide visibility into compliance status, risk posture, and program effectiveness.
  • Develop automation workflows to streamline evidence collection for audits, control testing, and security configuration monitoring.
  • Assist with developing configuration monitoring capabilities for SaaS and IaaS platforms.
  • Mentor team members to effectively manage their workflows, programs, and projects independently, fostering self-reliance and professional growth.

WHAT YOU'LL BRING :

  • Bachelor's Degree in relevant discipline or equivalent work experience.
  • 7 years of experience in information security risk management and compliance within a highly regulated industry.
  • A solid foundation in a technical information security role, with hands-on experience in areas such as infrastructure security, security operations, or security architecture, demonstrating a deep understanding of technical security measures, best practices, and their application to risk management and compliance.
  • Exceptional writing skills, with the ability to clearly and effectively communicate risks and craft accurate, professional policies and procedures.
  • Experience working with engineering teams to understand issues and prioritize remediations.
  • The ability to obtain a deep understanding of the company's technology and product stack is essential, enabling the identification and assessment of associated security risks with precision and depth.
  • Exceptional analytical skills with the ability to translate complex security risks into clear and actionable recommendations.
  • Proficiency with common information security frameworks including SOC2, ISO 27001, NYDFS, PSD2, MAS, DORA, CBI, MICA, etc.
  • Familiarity with capability maturity frameworks.
  • Hands-on experience assessing and managing security risks in public cloud environments, with a strong preference for expertise in AWS.
  • Proficiency in evaluating security risks associated with Kubernetes and container orchestration environments is not mandatory, but highly desirable.
  • Demonstrated ability to navigate cloud security and compliance challenges effectively.
  • Ability to collaborate effectively with cross-functional teams of engineers, product managers, and security and compliance experts.
  • Familiarity and experience with IT / Security tooling, including GRC platforms.
  • Ability to analyze empirical evidence and technical reports, identify root causes, and work with teams to identify solutions to remediate gaps.
  • Someone willing to adapt to changes in a fast-moving environment.
  • Experience with cloud-native pre-IPO startup companies.
  • Desirable certifications : CISSP, CISA, AWS Certified Solutions Architect, AWS Certified Security, PMP.

    • For positions that will be based in CA, the annual salary range for this position is below. Actual salaries may vary based on numerous factors including, among other things, an individual applicant's experience and qualifications for the position. This range does not include equity or additional compensation, such as bonuses or commissions.

    CA Annual Base Salary Range : $188,000—$211,000 USD

    WHO WE ARE : Do Your Best Work

  • The opportunity to build in a fast-paced start-up environment with experienced industry leaders.
  • A learning environment where you can dive deep into the latest technologies and make an impact. A professional development budget to support other modes of learning.
  • Thrive in an environment where no matter what race, ethnicity, gender, origin, or culture they identify with, every employee is a respected, valued, and empowered part of the team.
  • In-office collaboration for moments that matter is important to our culture, and we give managers and teams the flexibility to decide which 10 days a month they come in.
  • Weekly all-company meeting - business updates and ask me anything style discussion with our Leadership Team.
  • We come together for moments that matter which include team offsites, team bonding activities, happy hours and more!

    • Take Control of Your Finances

  • Competitive salary, bonuses, and equity.
  • Competitive benefits that cover physical and mental healthcare, retirement, family forming, and family support.
  • Employee giving match.
  • Mobile phone stipend.

    • Take Care of Yourself

  • R&R days so you can rest and recharge.
  • Generous wellness reimbursement and weekly onsite & virtual programming.
  • Generous vacation policy - work with your manager to take time off when you need it.
  • Industry-leading parental leave policies. Family planning benefits.
  • Catered lunches, fully-stocked kitchens with premium snacks / beverages, and plenty of fun events.

    • Benefits listed above are for full-time employees.

    Ripple is an Equal Opportunity Employer. We're committed to building a diverse and inclusive team. We do not discriminate against qualified employees or applicants because of race, color, religion, gender identity, sex, sexual identity, pregnancy, national origin, ancestry, citizenship, age, marital status, physical disability, mental disability, medical condition, military status, or any other characteristic protected by local law or ordinance. Please find our UK / EU Applicant Privacy Notice and our California Applicant Privacy Notice for reference.

    J-18808-Ljbffr

    Salary : $188,000 - $211,000

    If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
    Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

    What is the career path for a Staff / Senior Security GRC Engineer?

    Sign up to receive alerts about other jobs on the Staff / Senior Security GRC Engineer career path by checking the boxes next to the positions that interest you.
    Income Estimation: 
    $179,455 - $227,077
    Income Estimation: 
    $214,167 - $272,269
    Income Estimation: 
    $152,549 - $188,894
    Income Estimation: 
    $194,072 - $240,547
    Income Estimation: 
    $135,994 - $168,063
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $194,072 - $240,547
    Income Estimation: 
    $220,784 - $286,649
    Income Estimation: 
    $87,093 - $107,335
    Income Estimation: 
    $111,725 - $147,313
    Income Estimation: 
    $112,673 - $137,290
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $112,673 - $137,290
    Income Estimation: 
    $139,945 - $168,577
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Employees: Get a Salary Increase
    View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

    Job openings at Ripple

    Product Marketing Lead, Custody
    Ripple
    Hired Organization Address Miami, FL Full Time
    At Ripple, we’re building a world where value moves like information does today. It’s big, it’s bold, and we’re already ...
    Senior Staff Software Engineer, Platform
    Ripple
    Hired Organization Address San Francisco, CA Full Time
    At Ripple, we're building a world where value moves like information does today. It's big, it's bold, and we're already ...
    Internal Audit Manager
    Ripple
    Hired Organization Address San Francisco, CA Full Time
    At Ripple, we're building a world where value moves like information does today. It's big, it's bold, and we're already ...
    SALES ENABLEMENT MANAGER
    Ripple
    Hired Organization Address CA Full Time
    At Ripple, we're building a world where value moves like information does today. It's big, it's bold, and we're already ...
    View More Jobs at Ripple

    Not the job you're looking for? Here are some other Staff / Senior Security GRC Engineer jobs in the San Francisco, CA area that may be a better fit.

    Security GRC Senior Analyst :

    Akraya, San Francisco, CA

    Senior GRC Engineer

    Crusoe, San Francisco, CA

    View More Jobs

    AI Assistant is available now!

    Feel free to start your new journey!