At Ramp, we’re rethinking how modern finance teams function in the age of AI. We believe AI isn’t just the next big wave. It’s the new foundation for how business gets done. We’re investing in that future — and in the people bold enough to build it.
Ramp is a financial operations platform designed to save companies time and money. Our all-in-one solution combines payments, corporate cards, vendor management, procurement, travel booking, and automated bookkeeping with built-in intelligence to maximize the impact of every dollar and hour spent. More than 50,000 businesses, from family-owned farms to e-commerce giants to space startups, have saved $10B and 27.5M hours with Ramp. Founded in 2019, Ramp powers the fastest-growing corporate card and bill payment platform in America, and enables over $100 billion in purchases each year.
Ramp’s investors include Lightspeed Venture Partners, Thrive Capital, Sands Capital, General Catalyst, Founders Fund, Khosla Ventures, Sequoia Capital, Greylock, Redpoint, and ICONIQ, as well as over 100 angel investors who were founders or executives of leading companies. The Ramp team comprises talented leaders from leading financial services and fintech companies—Stripe, Affirm, Goldman Sachs, American Express, Mastercard, Visa, Capital One—as well as technology companies such as Meta, Uber, Netflix, Twitter, Dropbox, and Instacart.
Ramp has been named to Fast Company’s Most Innovative Companies list and LinkedIn’s Top U.S. Startups for more than 3 years, as well as the Forbes Cloud 100, CNBC Disruptor 50, and TIME Magazine’s 100 Most Influential Companies.
About the Role
Ramp’s Enterprise Security team is responsible for keeping our people, data, and internal tools safe while enabling a fast‑moving, AI‑driven business.
As a Senior Security Analyst (Corporate Security), you’ll own and scale core security programs across identity, endpoints, SaaS, and data. You’ll be the primary driver for Insider Risk, DLP, SaaS posture, and endpoint security across both our corporate and FedRAMP‑aligned environments—designing strategy, implementing controls, and measuring outcomes.
Ramp is agent‑first: we rely heavily on AI assistants and automated workflows. You’ll ensure those capabilities are securely rolled out to the business, not blocked.
Hybrid in NYC: This role is based in New York City and requires working in‑person at our HQ (near Madison Square Park) at least 2 days per week.
This is a senior, hands‑on individual contributor role (IC5), not a people‑management or SOC Tier 1 position.
What You’ll Do
Own core enterprise security programs
Lead and continuously improve Insider Risk and DLP across Ramp—from policies and detections to playbooks, case handling, and stakeholder training.
Secure SaaS at scale
Manage and harden our SaaS stack (SSPM/CASB and native controls):
Remediate misconfigurations
Remove stale accounts/admins
Enforce key rotation and safe OAuth scopes
Gate risky apps and integrations
Run sovereign / FedRAMP‑aligned environments
Operate sovereign Google Workspace and Okta tenants with strict access, monitoring, and logging. Partner with GRC to ensure controls align to NIST 800‑53/800‑171 and FedRAMP‑aligned requirements without slowing down the business.
Modernize identity & access
Work with IT and Security Engineering to enforce:
Phishing‑resistant MFA
Device‑aware and context‑aware access
Least privilege and just‑in‑time (JIT) patterns
SCIM‑based lifecycle management
Strong break‑glass access patterns and reviews
Harden endpoints and network
Help keep our macOS and Windows fleets secure at scale using EDR, MDM, and disk encryption; drive patch SLAs; and enforce ZTNA/SSE policies (e.g., Cloudflare WARP) for secure access to internal resources.
Measure, review, and improve
Define and track key metrics (coverage, policy efficacy, MTTD/MTTR, configuration drift). Run regular control health reviews and drive remediation with partner teams.
Automate and simplify
Use scripting, APIs, or workflow tools to reduce manual toil in enterprise security operations (e.g., account hygiene, access reviews, configuration checks, alert triage).
Partner & communicate
Collaborate closely with IT, Engineering, Legal, People, and GRC. Write clear docs, runbooks, and decision records that make it easy for others to operate and build on your work.
What You Need
Experience level
3+ years in enterprise/corporate security engineering or operations, with hands‑on ownership of security controls for identity, endpoints, SaaS, or data.
You’re comfortable being the primary owner of programs, not just following an existing playbook.
Eligibility
U.S. citizenship is required for this role due to the nature of our sovereign / FedRAMP‑aligned environments.
Technical background
Practical experience implementing and tuning Insider Risk, DLP, SaaS posture, or endpoint security in a cloud‑first environment.
Hands‑on administration of a modern identity provider and collaboration suite—Okta and Google Workspace are ideal, but similar experience (e.g., Azure AD / Entra ID, Microsoft 365) is highly relevant.
Familiarity with tools and concepts like EDR, MDM, SSPM/CASB, DSPM, and ZTNA/SSE, and experience hardening macOS and/or Windows at scale.
Experience aligning controls to at least one security framework or regulated environment (e.g., FedRAMP, NIST 800‑53/171, SOC 2, ISO 27001) and translating requirements into practical enterprise controls.
How you work
You can spot gaps, design pragmatic remediations, and drive them to completion across multiple teams.
You’re comfortable using automation (scripts, workflows, or low‑code tools) to make security more scalable and less manual.
You communicate clearly—whether you’re writing a runbook, summarizing risk tradeoffs, or explaining a control choice to non‑security partners.
You enjoy partnering with IT and Engineering to get things shipped, not just documented.
Nice-to-Haves
Experience operating sovereign or public‑sector / regulated tenants (e.g., FedRAMP, StateRAMP, or similar).
Background scaling security in a high‑growth, cloud‑first startup or scale‑up environment (ideal but not required).
Experience securing or enabling AI/agent workflows inside an enterprise.
Intermediate scripting skills (e.g., Python, Bash, PowerShell) for automation and integrations.
Relevant certifications (e.g., CISSP, CISM, Security+, GIAC) or equivalent real‑world depth.
100% medical, dental & vision insurance coverage for you
Partially covered for your dependents
One Medical annual membership
401k (including employer match on contributions made while employed by Ramp)
Flexible PTO
Fertility HRA (up to $5,000 per year)
WFH stipend to support your home office needs
Wellness stipend
Parental Leave
Relocation support to NYC or SF (as needed)
Pet insurance
If you are being referred for the role, please contact that person to apply on your behalf.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.