Manager, Security Governance
Remote, US
Full Time Mid-level / Intermediate USD 145K - 165K
Bestow
Bestow is the leading end-to-end life insurance SaaS company partnering with top carriers to modernize and transform the way they do business.
ABOUT BESTOW
Bestow is a leading insurance technology platform serving some of the world's largest and most innovative life insurers. We are on a mission to increase financial stability for everyone. Bestow is a team of mission-driven, results-oriented individuals. We offer all employees a remote (contiguous 48 only)/hybrid workplace, meaningful benefits, substantial growth opportunities, and equity.
Bestow participates in the E-Verify Program.
ABOUT THE ROLE
Join our growing Security & Privacy team as the Manager, Security Governance, where you’ll play a key role in supporting and advancing the company’s audit preparedness and execution efforts. Reporting to senior leadership within the Chief Security Office (CSO), you will be a strategic partner to the Chief Security & Privacy Officer and a central figure in coordinating our company-wide Security & Privacy audit initiatives.
In this role, you will lead audit readiness activities by managing the coordination of third-party audits—primarily SOC 1 and SOC 2—with internal stakeholders and external auditors. You will oversee audit timelines, ensure the timely collection and delivery of evidence artifacts, and guide internal teams on how to interpret and respond to control requirements. Your focus will be on aligning audit deliverables with compliance objectives while minimizing disruption to business operations.
You bring a strong foundation in security, privacy, and risk management frameworks, along with prior experience supporting audit cycles, leading evidence collection efforts, or working directly with auditors. Your ability to interpret control language and translate it into actionable guidance for cross-functional teams will be essential to your success.
Ideal candidates are organized, communicative, and thrive in a collaborative environment. You enjoy bridging gaps between technical and non-technical teams, and you're passionate about helping organizations demonstrate trust through sound compliance practices. This is a great opportunity to take ownership of audit readiness efforts and grow your career while making a meaningful impact on the protection of data, systems, and processes.
This role reports to the Chief Security & Privacy Officer.
WHAT YOU’LL DO
Lead audit planning and execution efforts by managing audit schedules and timelines across internal stakeholders and external audit firms to ensure timely, organized, and successful outcomes.
Oversee the collection, validation, and organization of audit artifacts to support SOC 1 and SOC 2 compliance efforts, partnering with business units to drive accountability and consistency.
Interpret control requirements across multiple frameworks and translate them into actionable guidance for business owners, ensuring audit submissions are complete, accurate, and aligned with expectations.
Advise internal teams on compliance best practices, ensuring alignment with the organization’s overarching Security, Privacy, and Compliance objectives.
Manage recurring control and artifact reviews in collaboration with business process owners, ensuring control health and evidence quality are maintained year-round.
Support the development, implementation, and maturation of audit controls, ensuring readiness for ongoing and upcoming audits.
Serve as the primary liaison between internal teams and auditors, facilitating clear communication, resolving blockers, and ensuring cross-functional engagement throughout audit lifecycles.
Create and maintain comprehensive process documentation, including workflows, guidelines, and training materials to streamline audit readiness activities and support continuous improvement.
Lead the rollout of new audit-related processes, ensuring change management and adoption across relevant teams to support evolving audit requirements and business needs.
Support the company’s evolving compliance landscape by contributing to the planning and coordination of additional audit and assurance activities beyond AICPA/SOC, as needed.
WHO YOU ARE
5–7 years of professional experience in audit, compliance, or GRC roles, with demonstrated ability to manage or support audit engagements across complex environments.
Required: Prior hands-on experience supporting or managing AICPA SOC 1 and SOC 2 audits, including coordination, evidence collection, and interaction with auditors.
Background in Cybersecurity, Computer Science, or a related field, or equivalent practical experience supported by relevant certifications.
Professional certifications in Audit (e.g., CISA), Cybersecurity (e.g., Security+, CISM), Privacy (e.g., CIPM, CIPP), Compliance (e.g., CCEP), or Risk Management (e.g., CRISC) are highly valued.
Strong project management skills, with the ability to prioritize tasks, manage timelines, and coordinate across diverse stakeholders.
Deep interest in compliance and audit readiness, with a growth mindset and a willingness to adapt to emerging frameworks or business needs.
Working knowledge of security and privacy standards and frameworks such as NIST, ISO 27001, and SOC, with an understanding of how these frameworks apply in an enterprise setting.
Excellent written and verbal communication skills; comfortable providing regular updates to leadership and contributing to audit-related documentation and reporting.
Familiarity with information security governance, risk management, or regulatory compliance is helpful; experience in regulated industries such as life insurance, financial services, or public sector is a strong plus.
Experience supporting audits or managing the lifecycle of control evidence collection in a cross-functional setting is preferred.
TOTAL REWARDS
At Bestow, we’re proud to be awarded for our team members, innovative products, and culture. Our standard benefits include:
Competitive salary and equity based on role
Policies and managers that support work/life balance, like our flexible paid time off and parental leave programs
100% paid-premium option for medical, dental, and vision insurance
Lifestyle stipend to support your physical, emotional, and financial wellbeing
Flexible work-from-home policy and open to remote
Remote and WFH options, as well as a beautiful, state-of-the-art office in Dallas’ Deep Ellum, for those who prefer an office setting
Employee-led diversity, equity, and inclusion initiatives
Recent Employer Awards include:
Best Place for Working Parents 2023
Great Place to Work Certified, 2022 + 2023 + 2024
Built In Best Places to Work, 2022 + 2023
Fortune’s Best Workplaces in Texas 2022 + 2023
Fortune’s Best Workplaces in Financial Services and Insurance 2022 + 2023
We value diversity at Bestow. The company will recruit, hire, and promote regardless of race, color, religion, sex, sexual orientation, gender identity or expression, national origin, pregnancy or maternity, veteran status, or any other status protected by applicable law. We understand the importance of creating a safe and comfortable work environment and encourage individualism and authenticity in every team member.
Thanks for considering a career at Bestow!
Tags: Audits CIPP CISA CISM Compliance Computer Science CRISC Governance ISO 27001 NIST Privacy Risk management SOC SOC 1 SOC 2
Perks/benefits: Career development Competitive pay Equity / stock options Flex hours Flex vacation Health care Home office stipend Medical leave Parental leave