Senior Program Manager, Security Assurance | GRC

Ramp

Ramp

Operations
New York, NY, USA
Posted 6+ months ago

About Ramp

Ramp is a financial operations platform designed to save businesses time and money. Combining corporate cards with expense management, bill payments, vendor management, accounting automation ,and more, Ramp's all-in-one solution frees finance teams to do the best work of their lives. More than 25,000 companies, from family-owned farms to e-commerce giants to space startups, have saved $1B and 10M hours with Ramp. Founded in 2019, Ramp powers the fastest-growing corporate card and bill payment platform in America, and enables over 35 billion dollars in purchases each year.

Ramp's investors include Sequoia, Founders Fund, Thrive Capital, Khosla Ventures, Greylock, Stripe, Goldman Sachs, Coatue, and Redpoint, as well as over 100 angel investors who were founders or executives of leading companies. The Ramp team comprises talented leaders from leading financial services and fintech companies—Stripe, Affirm, Goldman Sachs, American Express, Mastercard, Visa, Capital One—as well as technology companies such as Meta, Uber, Netflix, Twitter, Dropbox, and Instacart.

Ramp has been named to Fast Company's Most Innovative Companies list and LinkedIn's Top U.S. Startups for over 3 years, as well as the Forbes Cloud 100, CNBC Disruptor 50, and TIME Magazine's 100 Most Influential Companies.

About the Role

Join our growing security team and help build our business-enabling Security Platform program at Ramp. This role will provide direct impact by supporting security platform initiatives to empower cross-functional teams and secure Ramp.

About the Team

Our team’s mission is to ensure customer data and Ramp systems are protected through the following pods:

  • Corporate Security - Implementing solutions to pare down risk and protect our most valuable assets

  • Detection & Response - Detecting threats in our environment to respond to potential incidents proactively

  • Security Assurance - Providing trust to customers by assessing security risks, controls, and frameworks

  • Product Security - Building customer trust by improving Ramp’s products and systems

  • Platform Security - Empowering cross-functional partners by building and securing internal security platforms

What You’ll Do

  • Manage large-scale platform security programs and projects across Ramp

  • Support the implementation of platform infrastructure and controls (e.g, Source control, Environment separation) across both internal (Retool) and security (Cloudflare Tunnels, DLP solutions) tools

  • Own cross-functional relationships with Product, Engineering, Operations, CX, and Legal teams at Ramp to provide recommendations and solutions to achieve Security goals and initiatives

  • Build upon existing internal partnerships to define, iterate, and enable new initiatives to minimize security risk and mature Ramp’s security posture

  • Perform assessments across internal and external tools used at Ramp to develop configuration baseline recommendations and remediation strategies

  • Respond to security platform alerts by conducting root cause analyses, identifying relevant stakeholders, and determining required solutions and mitigations

  • Create and baseline internal metrics to provide upward reporting to management

  • Develop and iterate on reporting to drive accountability and reduce operational burden on cross-functional teams

What You Need

  • Minimum 5 years of experience building growth-aligned security programs at a fast-growing company or startup

  • Ability to lead multiple concurrent projects in an agile, fast-paced, frequently evolving environment

  • Ability to implement a broad program vision complemented by strong engineering and program management skills

  • Experience collaborating with engineers and stakeholders from outside the company on shared initiatives.

  • An understanding of what it takes to build scalable and reliable systems that balance risk, security, and user experience

  • Excellent understanding of risks and ability to prioritize potential gaps and opportunities for improvement based on our business and risk profile

  • Proficient risk management and communication skills to navigate difficult conversations with leadership while driving accountability for risk-based decisions

  • Demonstrated experience working cross-functionally across technical and non-technical teams across a large organization to drive alignment and action

Nice to Haves

  • Relevant Cybersecurity Certifications (CISSP, CISA, CCAK, CRISC, etc.)

Benefits (for U.S.-based full-time employees)

  • 100% medical, dental & vision insurance coverage for you

    • Partially covered for your dependents

    • One Medical annual membership

  • 401k (including employer match on contributions made while employed by Ramp)

  • Flexible PTO

  • Fertility HRA (up to $5,000 per year)

  • WFH stipend to support your home office needs

  • Wellness stipend

  • Parental Leave

  • Relocation support for NY

  • Pet insurance

Other notices

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.