Job Specifications
About Ramp
At Ramp, we’re rethinking how modern finance teams function in the age of AI. We believe AI isn’t just the next big wave. It’s the new foundation for how business gets done. We’re investing in that future — and in the people bold enough to build it.
Ramp is a financial operations platform designed to save companies time and money. Our all-in-one solution combines payments, corporate cards, vendor management, procurement, travel booking, and automated bookkeeping with built-in intelligence to maximize the impact of every dollar and hour spent. More than 50,000 businesses, from family-owned farms to e-commerce giants to space startups, have saved $10B and 27.5M hours with Ramp. Founded in 2019, Ramp powers the fastest-growing corporate card and bill payment platform in America, and enables over $100 billion in purchases each year.
Ramp’s investors include Lightspeed Venture Partners, Thrive Capital, Sands Capital, General Catalyst, Founders Fund, Khosla Ventures, Sequoia Capital, Greylock, Redpoint, and ICONIQ, as well as over 100 angel investors who were founders or executives of leading companies. The Ramp team comprises talented leaders from leading financial services and fintech companies—Stripe, Affirm, Goldman Sachs, American Express, Mastercard, Visa, Capital One—as well as technology companies such as Meta, Uber, Netflix, Twitter, Dropbox, and Instacart.
Ramp has been named to Fast Company’s Most Innovative Companies list and LinkedIn’s Top U.S. Startups for more than 3 years, as well as the Forbes Cloud 100, CNBC Disruptor 50, and TIME Magazine’s 100 Most Influential Companies.
About The Role
Ramp’s Enterprise Security team is responsible for keeping our people, data, and internal tools safe while enabling a fast‑moving, AI‑driven business.
As a Senior Security Analyst (Corporate Security), you’ll own and scale core security programs across identity, endpoints, SaaS, and data. You’ll be the primary driver for Insider Risk, DLP, SaaS posture, and endpoint security across both our corporate and FedRAMP‑aligned environments—designing strategy, implementing controls, and measuring outcomes.
Ramp is agent‑first: we rely heavily on AI assistants and automated workflows. You’ll ensure those capabilities are securely rolled out to the business, not blocked.
Hybrid in NYC: This role is based in New York City and requires working in‑person at our HQ (near Madison Square Park) at least 2 days per week.
This is a senior, hands‑on individual contributor role (IC5), not a people‑management or SOC Tier 1 position.
What You’ll Do
Own core enterprise security programs Lead and continuously improve Insider Risk and DLP across Ramp—from policies and detections to playbooks, case handling, and stakeholder training.
Secure SaaS at scale Manage and harden our SaaS stack (SSPM/CASB and native controls):
Remediate misconfigurations
Remove stale accounts/admins
Enforce key rotation and safe OAuth scopes
Gate risky apps and integrations
Run sovereign / FedRAMP‑aligned environments Operate sovereign Google Workspace and Okta tenants with strict access, monitoring, and logging. Partner with GRC to ensure controls align to NIST 800‑53/800‑171 and FedRAMP‑aligned requirements without slowing down the business.
Modernize identity & access Work with IT and Security Engineering to enforce:
Phishing‑resistant MFA
Device‑aware and context‑aware access
Least privilege and just‑in‑time (JIT) patterns
SCIM‑based lifecycle management
Strong break‑glass access patterns and reviews
Harden endpoints and network Help keep our macOS and Windows fleets secure at scale using EDR, MDM, and disk encryption; drive patch SLAs; and enforce ZTNA/SSE policies (e.g., Cloudflare WARP) for secure access to internal resources.
Measure, review, and improve Define and track key metrics (coverage, policy efficacy, MTTD/MTTR, configuration drift). Run regular control health reviews and drive remediation with partner teams.
Automate and simplify Use scripting, APIs, or workflow tools to reduce manual toil in enterprise security operations (e.g., account hygiene, access reviews, configuration checks, alert triage).
Partner & communicate Collaborate closely with IT, Engineering, Legal, People, and GRC. Write clear docs, runbooks, and decision records that make it easy for others to operate and build on your work.
What You Need
Experience level
3+ years in enterprise/corporate security engineering or operations, with hands‑on ownership of security controls for identity, endpoints, SaaS, or data.
You’re comfortable being the primary owner of programs, not just following an existing playbook.
Eligibility
U.S. citizenship is required for this role due to the nature of our sovereign / FedRAMP‑aligned environments.
Technical background
Practical experience implementing and tuning Insider Risk, DLP, SaaS posture, or endpoint security in a cloud‑first environment.
Hands‑on administration of a modern identity provider and collaboration suite—Okta
About the Company
Ramp is an all-in-one financial operations platform designed to save businesses time and money. Combining corporate cards, expense management, bill payments, accounting automation, procurement, travel, treasury, and more, Ramp empowers finance teams to do their best work.
More than 40,000 companies, from family-owned farms to space startups, have saved $10B and 27.5M hours with Ramp since its founding in 2019.
Investors include Founders Fund, Thrive Capital, Khosla Ventures, Sequoia, Greylock, Stripe, Goldman Sachs, Coatu...
Know more