People Matter

Principal Program Manager, Security



United States · Remote
Posted on Tuesday, July 9, 2024

About Upstart

Upstart is a leading AI lending marketplace partnering with banks and credit unions to expand access to affordable credit. By leveraging Upstart's AI marketplace, Upstart-powered banks and credit unions can have higher approval rates and lower loss rates across races, ages, and genders, while simultaneously delivering the exceptional digital-first lending experience their customers demand. More than two-thirds of Upstart loans are approved instantly and are fully automated.

Upstart is a digital-first company, which means that most Upstarters live and work anywhere in the United States. However, we also have offices in San Mateo, California; Columbus, Ohio; and Austin, Texas.

Most Upstarters join us because they connect with our mission of enabling access to effortless credit based on true risk. If you are energized by the impact you can make at Upstart, we’d love to hear from you!

The Team:

Upstart moves fast in expanding access to credit and automating instant approval for our borrowers. Information Security plays a vital role in keeping Upstart’s products and enterprise safe from threats, and provides confidence to our customers, partners, and industry regulators. Our organization supports Upstart’s cultural values by introducing secure solutions at the speed of business while reducing friction for our customers, partners, and Upstarters. We seek a state where we have safety by design, deep stakeholder partnerships, and the appropriate security posture to defend against threats. Our team of security professionals are committed to making Upstart safer each day.

The Role:

As a Principal Security Program Manager you’ll take a lead in shaping and delivering our top security initiatives. This role will guide InfoSec through strategic planning & execution along with providing transparency and awareness throughout Upstart. You will need to lean on your deep security expertise to ensure we’re continuously prioritizing and effectively addressing our biggest security concerns.. This role will report to the CISO and will have a broad range of responsibilities from the shaping of our control posture, reduction of operational burden, development of key security health metrics, and budget management.

Position Location - This role is available in the following locations: Remote, San Mateo, Columbus, Austin

Time Zone Requirements - This team operates across all US time zones.

Travel Requirements - This team has regular on-site collaboration sessions. These occur 3 days per quarter at an Upstart office. If you need to travel to make these meetups, Upstart will cover all travel related expenses.

How you’ll make an impact:

  • Partner with our CISO in driving strategic planning and execution of our security roadmap
  • Influence senior leaders in understanding and prioritizing security initiatives
  • Represent Upstart Security to external partners, regulators, and investors
  • Partner with security leaders to reduce operational burden and define Upstart’s key security metrics

What We’re Looking For

  • An experienced leader with deep subject matter expertise across 2-3 security domains (e.g. Application Security, Infrastructure Security, Enterprise Security, Detection & Response, Security GRC, Customer Trust, Offensive Security)
  • Ability to easily engage engineers and senior leadership on security topics through clear and simple communications both written and verbal
  • Ability to promote innovative security solutions and can independently manage the ambiguity to lead change.
  • Strong Security Program Management capabilities with experience leading large multi-team/multi-quarter security initiatives and portfolio management
  • Effective ability to manage relationships from deeper technical levels to senior leadership to influence the shaping and prioritization of security initiatives
  • Can successfully coach, mentor, and inspire a talented and senior team of security professionals
  • 10+ years of experience as a Security leader, open to strong individual contributors and people leadership

What you'll love:

  • Competitive Compensation (base + bonus & equity)
  • Comprehensive medical, dental, and vision coverage with Health Savings Account contributions from Upstart
  • 401(k) with 100% company match up to $4,500 and immediate vesting and after-tax savings
  • Employee Stock Purchase Plan (ESPP)
  • Life and disability insurance
  • Generous holiday, vacation, sick and safety leave
  • Supportive parental, family care, and military leave programs
  • Annual wellness, technology & ergonomic reimbursement programs
  • Social activities including team events and onsites, all-company updates, employee resource groups (ERGs), and other interest groups such as book clubs, fitness, investing, and volunteering
  • Catered lunches + snacks & drinks when working in offices



At Upstart, your base pay is one part of your total compensation package. The anticipated base salary for this position is expected to be within the below range. Your actual base pay will depend on your geographic location–with our “digital first” philosophy, Upstart uses compensation regions that vary depending on location. Individual pay is also determined by job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.

In addition, Upstart provides employees with target bonuses, equity compensation, and generous benefits packages (including medical, dental, vision, and 401k).

United States | Remote - Anticipated Base Salary Range
$187,900$260,000 USD

Upstart is a proud Equal Opportunity Employer. We are dedicated to ensuring that underrepresented classes receive better access to affordable credit, and are just as committed to embracing diversity and inclusion in our hiring practices. We celebrate all cultures, backgrounds, perspectives, and experiences, and know that we can only become better together.

If you require reasonable accommodation in completing an application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please email