GRC Analyst

Full Time
San Francisco, CA, USA
10 hours ago

At Ripple, we’re building a world where value moves like information does today. It’s big, it’s bold, and we’re already doing it. Through our crypto solutions for financial institutions, businesses, governments and developers, we are improving the global financial system and creating greater economic fairness and opportunity for more people, in more places around the world. And we get to do the best work of our career and grow our skills surrounded by colleagues who have our backs. 

If you’re ready to see your impact and unlock incredible career growth opportunities, join us, and build real world value.

THE WORK:

Ripple is transforming the global financial system using blockchain technology and a rapidly expanding network of financial institutions. As we scale, we are building a world-class Information Security program that supports our mission of trust, compliance, and resilience.

We’re looking for a detail-oriented, hands-on Information Security professional with a foundational understanding of governance, risk, and compliance (GRC). This is a strong opportunity for a motivated contributor—not a leader—to gain experience in technical audits, evidence collection, and regulatory alignment in a fast-paced, innovative environment.

This role is ideal for someone early in their GRC career who is eager to build fluency in security compliance practices, contribute to audits and testing, and grow their skillset through real execution. You’ll work closely with senior GRC professionals and cross-functional teams, gaining exposure to both the technical and regulatory aspects of compliance.

WHAT YOU’LL DO:

  • Support the mapping of global frameworks (SOC 2, ISO 27001, DORA, GDPR) to Ripple’s control library—learning how regulatory controls align to internal security practices.
  • Assist in the scoping, planning, and execution of periodic control testing for cloud environments, infrastructure, and security processes.
  • Gain system access (e.g., AWS, Okta, endpoint tooling) and collect technical evidence such as logs, screenshots, and access reports to support audit activities.
  • Participate in internal and external audits by organizing documentation and tracking requests, and support more senior team members in interfacing with auditors and regulators.
  • Help develop and maintain internal GRC documentation, training materials, and workflows that make complex processes accessible to broader teams.
  • Join training sessions and workshops to improve internal audit readiness and support awareness across engineering, product, and security teams.
  • Identify potential gaps in controls and support remediation discussions by organizing findings and working closely with control owners.
  • Assist in creating program metrics and audit reports that help leadership understand the health and maturity of the GRC program.
  • Collaborate with teams across security, compliance, product, and engineering to ensure GRC processes align with business goals.

WHAT YOU'LL BRING: 

  • Bachelor's degree in Information Security, Cybersecurity, or a related field (or equivalent practical experience).
  • 3–5 years of experience in an infosec, audit, or technical compliance function—experience in regulated environments is a plus.
  • Familiarity with IT general controls (ITGC), access management, cloud infrastructure, and system logs.
  • Curiosity and a self-starter mindset—you enjoy understanding how things work and take initiative to follow up.
  • Experience pulling technical evidence and organizing documentation, even if not in a formal audit context.
  • Interest in developing clear technical documentation and internal process guides.
  • Exposure to frameworks like SOC 2, ISO 27001, or NIST—even as part of a supporting team—is valuable.
  • Experience using tools like Jira, Confluence, or cloud platforms (e.g., AWS, Okta) is helpful but not required.
  • Ability to work independently in a remote environment while staying engaged and communicative with your team.

For positions that will be based in CA, the annual salary range for this position is below. Actual salaries may vary based on numerous factors including, among other things, an individual applicant’s experience and qualifications for the position. This range does not include equity or additional compensation, such as bonuses or commissions.

CA Annual Base Salary Range: $112,000—$125,000 USD

WHO WE ARE:

Do Your Best Work

  • The opportunity to build in a fast-paced start-up environment with experienced industry leaders
  • A learning environment where you can dive deep into the latest technologies and make an impact. A professional development budget to support other modes of learning.
  • Thrive in an environment where no matter what race, ethnicity, gender, origin, or culture they identify with, every employee is a respected, valued, and empowered part of the team.
  • In-office collaboration for moments that matter is important to our culture, and we give managers and teams the flexibility to decide which 10+ days a month they come in. 
  • Bi-weekly all-company meeting - business updates and ask me anything style discussion with our Leadership Team
  • We come together for moments that matter which include team offsites, team bonding activities, happy hours and more!

Take Control of Your Finances

  • Competitive salary, bonuses, and equity
  • Competitive benefits that cover physical and mental healthcare, retirement, family forming, and family support
  • Employee giving match
  • Mobile phone stipend

Take Care of Yourself

  • R&R days so you can rest and recharge
  • Generous wellness reimbursement and weekly onsite & virtual programming
  • Generous vacation policy - work with your manager to take time off when you need it
  • Industry-leading parental leave policies. Family planning benefits.
  • Catered lunches, fully-stocked kitchens with premium snacks/beverages, and plenty of fun events

Benefits listed above are for full-time employees. 

Ripple is an Equal Opportunity Employer. We’re committed to building a diverse and inclusive team. We do not discriminate against qualified employees or applicants because of race, color, religion, gender identity, sex, sexual identity, pregnancy, national origin, ancestry, citizenship, age, marital status, physical disability, mental disability, medical condition, military status, or any other characteristic protected by local law or ordinance.

Please find our UK/EU Applicant Privacy Notice and our California Applicant Privacy Notice for reference.