Senior Security Analyst

at Ramp
🇺🇸 United States - Remote
🔒 Cybersecurity🟣 Senior

Job description

About Ramp

At Ramp, we’re rethinking how modern finance teams function in the age of AI. We believe AI isn’t just the next big wave. It’s the new foundation for how business gets done. We’re investing in that future — and in the people bold enough to build it.

Ramp is a financial operations platform designed to save companies time and money. Our all-in-one solution combines payments, corporate cards, vendor management, procurement, travel booking, and automated bookkeeping with built-in intelligence to maximize the impact of every dollar and hour spent. But we’re not just building features powered by AI. We’re building a platform where agents can chase receipts, close books, flag risks, and surface insights. This enables teams to reclaim their time and reinvest in what matters.

More than 40,000 businesses, from family-owned farms to space startups, have saved $10B and 27.5M hours with Ramp. Founded in 2019, Ramp powers the fastest-growing corporate card and bill payment platform in America, and enables over $80 billion in purchases each year.

Ramp’s investors include Thrive Capital, Sands Capital, General Catalyst, Founders Fund, Khosla Ventures, Sequoia Capital, Greylock, and Redpoint, among others, in addition to 100+ angel investors who have been founders or executives of leading companies.

Ramp has been named to Fast Company’s Most Innovative Companies list and LinkedIn’s Top U.S. Startups for more than 3 years, as well as the Forbes Cloud 100, CNBC Disruptor 50, and TIME Magazine’s 100 Most Influential Companies.

About the Role

Join Ramp’s Enterprise Security team to operationalize core and sovereign security programs. You’ll oversee Insider Risk, DLP, SaaS posture, and Endpoint security across corporate and FedRAMP‑aligned environments—setting strategy, implementing controls, and measuring outcomes. Ramp is agent‑first: you will securely enable AI assistants and automated workflows across the enterprise.

Please note that this role will require you to be comfortable with working in-person at our NYC HQ (located near Madison Square Park) at least 2 days/week

What You’ll Do

  • Harden Core Programs: Evaluate and uplift Insider Risk and DLP coverage; tune detections, policies, and workflows end‑to‑end.

  • Secure SaaS at Scale: Use SSPM/CASB and configuration baselines to remediate misconfigurations, remove stale access/admins, enforce key rotation, and gate risky app/OAuth scopes.

  • Operate Sovereign SaaS: Maintain strict access and monitoring for sovereign Google Workspace and Okta tenants; ensure controls map to NIST 800‑53/800‑171 and FedRAMP‑aligned requirements.

  • Modernize Identity & Access: Enforce phishing‑resistant MFA, device‑aware access, least privilege/JIT, SCIM life‑cycle, and strong break‑glass patterns.

  • Endpoint & Network Defense: Keep macOS/Windows hardened at scale (EDR, disk encryption, MDM), ensure patch SLAs, and apply ZTNA/SSE (e.g., Cloudflare WARP) policies.

  • Continuous Improvement: Define metrics (coverage, policy efficacy, MTTD/MTTR, configuration drift), run control health reviews, and close gaps across corporate and sovereign environments.

  • Partner & Ship: Work with IT to validate endpoint agents and patching; document risks, decisions, and runbooks succinctly.

What You Need

  • 3+ years in enterprise/corporate security engineering or operations.

  • U.S. citizenship is required for this role.

  • Proven delivery hardening Insider Risk, DLP, SaaS posture, and endpoint controls.

  • Hands‑on Okta administration and Google Workspace security configuration.

  • Experience with EDR/MDM, SSPM/CASB, DSPM, and ZTNA/SSE; macOS/Windows hardening at scale.

  • Solid grasp of IAM and control mapping in FedRAMP‑aligned environments; familiarity with NIST 800‑53/171.

  • Ability to identify gaps, design remediations, automate where possible, and drive adoption across teams.

  • Clear, concise communicator who writes crisp docs and runbooks.

Nice-to-Haves

  • Experience aligning Google Workspace and Okta to regulated/sovereign requirements.

  • Background scaling security in a high‑growth, cloud‑first company.

  • Relevant certs (CISSP, CISM, Security+, GIAC) or equivalent real‑world depth.

Benefits (for U.S.-based full-time employees)

  • 100% medical, dental & vision insurance coverage for you

    • Partially covered for your dependents

    • One Medical annual membership

  • 401k (including employer match on contributions made while employed by Ramp)

  • Flexible PTO

  • Fertility HRA (up to $5,000 per year)

  • WFH stipend to support your home office needs

  • Wellness stipend

  • Parental Leave

  • Relocation support to NYC or SF (as needed)

  • Pet insurance

Referral Instructions

If you are being referred for the role, please contact that person to apply on your behalf.

Other notices

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Ramp Applicant Privacy Notice

Share this job:
Please let Ramp know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Ramp logo

Ramp

Corporate card & spend management platform

  • Founded in 2019
  • 6 remote jobs

Latest Jobs at Ramp

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply