• Role: GRC Audit Manager
• X Payments
• Location: Palo Alto
• San Jose
• Bastrop
• NYC (onsite)
  Base Salary Range: 110,000 - 200,000 + Equity
  _

At X, we're on a mission to revolutionize digital interaction and create the Everything App. Our platform is a space where people can connect, share ideas, and engage in meaningful conversations.

• We’re looking for a talented and compliance-driven GRC Audit Manager
• X Payments to join our team and help us manage and maintain regulatory and compliance programs.

Who We Are:

The Governance, Risk, and Compliance (GRC) Team at X Payments and X Corp ensures adherence to industry regulations and compliance frameworks. This role focuses on managing audit functions and maintaining compliance with financial services and security frameworks.

What You’ll Do:

In this role, you’ll be responsible for overseeing audit and compliance functions, ensuring adherence to industry regulations, and collaborating with stakeholders to enhance risk management. Your role will include:

• Managing regulatory and compliance programs for X Payments.

• Overseeing audit functions within the organization, ensuring compliance with industry standards.

• Maintaining and executing audit frameworks, including:

Federal Financial Institutions Examination Council (FFIEC) audit requirements.

• New York State Department of Financial Services (NYDFS) Part 500.

• PCI-DSS Controls for SAQ-A and SAQ-D requirements.

• SOC2 Type 2 audit processes.

• NIST Cybersecurity Framework (CSF v1 and v2).

• Center for Internet Security (CIS) v7 and v8.

• MITRE ATT&CK Framework.

• Common Vulnerability Scoring Standard (CVSS).

​

• Translating risk management principles into technical controls.

• Executing internal risk assessments and identifying mitigating and compensating controls for technical risks.

• Participating in vendor risk management processes and evaluating third-party vendor risks.

• Implementing agile methodologies for planning regulatory and compliance-based work streams.

• Maintaining and managing policy and standards lifecycles.

• Collaborating with internal and external audit teams, legal counsel, and technical stakeholders.

• Handling audit and evidence identification, classification, and procurement.

• Navigating cloud platforms and cloud consoles to validate security controls and compliance.

• Applying knowledge of fundamental technologies, including: Compute, Networking, Application architecture, Databases, Cloud computing (AWS)

Who You Are:

You are a highly skilled GRC Audit Manager with extensive experience in regulatory compliance, audit processes, and risk management. You have strong analytical skills, attention to detail, and the ability to manage multiple compliance frameworks. The ideal candidate will also have:

• Expertise in risk management frameworks such as NIST RMF.

• Experience in vendor risk management and assessing third-party security risks.

• Strong background in policy writing and maintaining policy and standards lifecycles.

• Ability to manage audit and regulatory compliance efforts in a fast-paced environment.

• Experience working with cloud security and compliance.

Nice to Have:

• AWS Cloud Practitioner Certification.

• Azure Cloud Fundamentals (AZ-900) Certification.

• GCP Cloud Digital Leader Certification.

At X, our small but fast-paced team values innovation and creativity. You'll have the opportunity to make a significant impact on the future of X and our aspiration to build the Everything App. If you thrive in a dynamic, high-growth tech environment and relish the opportunity to collaborate with passionate, driven over-achievers, your career with us here at X will be both exhilarating and fulfilling.

Apply now to join our team!