Job Overview
Location
Remote
Job Type
Full-time
Category
Cybersecurity
Date Posted
May 8, 2026
Full Job Description
đź“‹ Description
- • The Security and Compliance Manager at Givebutter will own the company's security function, focusing on hardening critical systems, implementing security controls, and managing compliance certifications like SOC 2 and ISO 27001. This role is essential to protecting donor data, payment infrastructure, and maintaining trust in Givebutter’s nonprofit fundraising platform.
- • Day to day, the role involves partnering with Product, Design & Engineering to embed security into the development lifecycle, managing vulnerability assessments and penetration testing, overseeing identity and access management, leading incident response, and driving continuous compliance through GRC tools like Vanta. The manager will also develop security awareness training and manage third-party vendor risk.
- • Givebutter is a mission-driven, remote-first company recognized as a Great Place to Work® and the #1 rated nonprofit software on G2. The company empowers nonprofits with free fundraising tools and operates with a transparent tip-or-fee model, valuing both impact and a fun, inclusive work culture.
- • In this role, the individual will build and scale a mature security program from the ground up, gain deep expertise in fintech and payments compliance, lead high-stakes audits, and directly influence the security posture of a growing platform handling sensitive donor and payment data. They will develop leadership in GRC, threat modeling, and cross-functional influence while working closely with the General Counsel and executive teams.
🎯 Requirements
- • 7+ years of experience in information security, security engineering, GRC, or a related field, including at least 4 years within a fintech, payments, or financial services environment
- • Hands-on experience hardening production systems at a growth-stage company (Series A–D or equivalent), including areas such as IAM, application security, infrastructure security, vulnerability management, or secure SDLC practices
- • Deep working knowledge of SOC 2 and PCI DSS, plus hands-on experience with at least one additional security framework such as NIST CSF, ISO 27001, or CIS Controls
- • Experience leading external security audits end-to-end, including auditor management, evidence collection, remediation tracking, and executive or board-level reporting
- • Hands-on experience administering GRC/compliance platforms such as Vanta, Drata, Secureframe, or similar, including driving remediation workflows to closure
🏖️ Benefits
- • Remote work from one of 10 U.S. hubs including Austin, Denver, Indianapolis, Los Angeles, San Francisco, New York, Salt Lake City, Minneapolis, Seattle, and Nashville
- • 100% employer-paid medical, dental, and vision insurance for employees, with 50% coverage for dependents
- • 3% 401k match, flexible PTO with uncapped vacation days, and a company-wide Wellness Week each summer
- • 12 weeks of paid parental leave for all parents, plus family care support via UrbanSitter membership and care credits
- • Home office and coworking stipends, professional development reimbursement, and up to $50/month charitable giving match on Givebutter
Skills & Technologies
About Givebutter Inc.
Givebutter Inc. operates a cloud fundraising platform for nonprofits, schools, and community groups, combining online donation forms, peer-to-peer campaigns, ticketing, and CRM tools. It offers transparent pricing through optional donor tips, native livestreaming, text-to-give, and integrations with Stripe and QuickBooks. Organizations use it to collect recurring gifts, sell event tickets, and manage donor data from one dashboard, while donors can track impact via social feeds and real-time progress bars. Founded in 2016 and headquartered in Washington, D.C., the venture-backed company serves thousands of U.S. charities and has processed over $1 billion in donations.
Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.
Newsletter
Weekly remote jobs and featured talent.
No spam. Only curated remote roles and product updates. You can unsubscribe anytime.
Similar Opportunities
Arctic Wolf Networks, Inc.
9 days ago
Akaysha Energy Pty Ltd
3 months ago
Arctic Wolf Networks, Inc.
2 months ago
