Senior Security Analyst | GRC

Ramp
New York, United States
Posted 14 days ago Remote Permanent Competitive
Ramp is building the next generation of finance tools, from corporate cards and expense management to bill payments and accounting integrations, designed to save businesses time and money with every click. More than 10,000 customers cut their expenses by 3.5% per year and close their books 8x faster by switching to the Ramp platform.

Founded in 2019, Ramp powers the fastest-growing corporate card and bill payment software in America and enables billions of dollars of purchases each year. Ramp continues to grow at an increasingly large scale, more than doubling its revenue run rate in the first half of 2022.

Valued at $8.1 billion, Ramp's investors include Founders Fund, Stripe, Citi, Goldman Sachs, Coatue Management, D1 Capital Partners, Redpoint Ventures, General Catalyst, and Thrive Capital, as well as over 100 angel investors who were founders or executives of leading companies. The Ramp team comprises talented leaders from leading financial services and fintech companies (Stripe, Affirm, Goldman Sachs, American Express, Mastercard, Visa, Capital One) as well as technology companies such as Meta, Uber, Netflix, Twitter, Dropbox, and Instacart. Ramp was named Fast Company's most innovative finance company in 2022.

About the Role

Join our growing security team and help build our business-enabling Security Assurance program at Ramp. This role will provide direct impact by driving security compliance, third party risk, and assurance initiatives across Ramp. This will include a focus on the maturation of our security posture, due diligence efforts, and overall risk management.

What You'll Do
  • Lead the governance, risk, and compliance management program to achieve reports/certifications such as SOC2, ISO 27001/2, PCI-DSS, and others as appropriate
  • Build and maintain a comprehensive security risk register of Ramp's systems, cloud infrastructure, and data repositories
  • Assess identified security risks and work cross functionally to create and execute treatment plans.
  • Design and implement a common security control framework and ensure that controls are aligned with applicable security standards and regulations
  • Support GRC tool implementation, utilization, and automation to support Ramp's security initiatives.
  • Help prepare for and minimize the impact of business disruptions through Business Impact Assessments and Business Continuity/Disaster Recovery exercises
  • Work with external auditors and regulators to ensure compliance with technology risk and compliance initiatives
What You Need
  • Minimum 5 years of experience with security requirements, standards and practices including NIST CSF, NIST 800-53, ISO 27001, PCI, SOC2, etc.
  • Minimum 3 years of experience in supporting business-enabling GRC programs in highly regulated industries (e.g., SaaS, Finance)
  • Ability to lead end to end security audits from design and implementation of controls to audit execution and project management
  • Excellent understanding of risks and ability to prioritize potential gaps and opportunities for improvement based on our business and risk profile
  • Experience supporting and building out a comprehensive third party risk management program
  • Proficient risk management and communication skills to navigate difficult conversations with leadership while driving accountability for risk-based decisions
  • Experience working with a range of customers to provide assurance on complex security concerns
  • Demonstrated experience working cross-functionally across technical and non-technical teams across a large organization to drive alignment and action
Nice to Haves
  • Security Certifications (CISSP, CISA, CCAK, CRISC, etc.)
  • Familiarity with GRC tool automation, monitoring, and maintenance
About Our Team

Our team's mission is to enable the business and provide assurance to our customers through the following pillars:
  • Security Governance & Risk focuses on implementing a risk and compliance program that identifies and mitigates risk across the organization.
  • Security Compliance focuses on maintaining a compliance roadmap (SOC 2, ISO 27001, PCI, SOX) based on customer and internal needs.
  • Customer Assurance focuses on owning customer assurance packages (questionnaires, trust site, sales enablement)
  • Third Party Risk Management focuses on guarding against threats posed by third parties who have access to Ramp data.
Ramp Benefits (for U.S. based employees)
  • 100% medical, dental & vision insurance coverage for you
    • Partially covered for your dependents
    • OneMedical annual membership
  • 401k (including employer match)
  • Unlimited PTO
  • Annual education reimbursement
  • WFH stipend to support your home office needs
  • Monthly wellness stipend; Headspace annual membership
  • Parental Leave
  • Relocation support
Job ID  4821276002