Senior Security Analyst, Enterprise Security

About Ramp

At Ramp, we’re rethinking how modern finance teams function in the age of AI. We believe AI isn’t just the next big wave. It’s the new foundation for how business gets done. We’re investing in that future — and in the people bold enough to build it.

Ramp is a financial operations platform designed to save companies time and money. Our allinone solution combines payments, corporate cards, vendor management, procurement, travel booking, and automated bookkeeping with builtin intelligence to maximize the impact of every dollar and hour spent. But we’re not just building features powered by AI. We’re building a platform where agents can chase receipts, close books, flag risks, and surface insights. This enables teams to reclaim their time and reinvest in what matters.

More than 40,000 businesses, from familyowned farms to space startups, have saved $10B and 27.5M hours with Ramp. Founded in 2019, Ramp powers the fastestgrowing corporate card and bill payment platform in America, and enables over $80 billion in purchases each year.

Ramp’s investors include Thrive Capital, Sands Capital, General Catalyst, Founders Fund, Khosla Ventures, Sequoia Capital, Greylock, and Redpoint, among others, in addition to 100+ angel investors who have been founders or executives of leading companies.

Ramp has been named to Fast Company’s Most Innovative Companies list and LinkedIn’s Top U.S. Startups for more than 3 years, as well as the Forbes Cloud 100, CNBC Disruptor 50, and TIME Magazine’s 100 Most Influential Companies.

About the Role

Join Ramp’s Enterprise Security team to operationalize core and sovereign security programs. You’ll oversee Insider Risk, DLP, SaaS posture, and Endpoint security across corporate and FedRAMP‑aligned environments—setting strategy, implementing controls, and measuring outcomes. Ramp is agent‑first: you will securely enable AI assistants and automated workflows across the enterprise.

Please note that this role will require you to be comfortable with working inperson at our NYC HQ (located near Madison Square Park) at least 2 daysweek

What You’ll Do

• Harden Core Programs: Evaluate and uplift Insider Risk and DLP coverage; tune detections, policies, and workflows end‑to‑end.

• Secure SaaS at Scale: Use SSPMCASB and configuration baselines to remediate misconfigurations, remove stale accessadmins, enforce key rotation, and gate risky appOAuth scopes.

• Operate Sovereign SaaS: Maintain strict access and monitoring for sovereign Google Workspace and Okta tenants; ensure controls map to NIST 800‑53800‑171 and FedRAMP‑aligned requirements.

• Modernize Identity & Access: Enforce phishing‑resistant MFA, device‑aware access, least privilegeJIT, SCIM life‑cycle, and strong break‑glass patterns.

• Endpoint & Network Defense: Keep macOSWindows hardened at scale (EDR, disk encryption, MDM), ensure patch SLAs, and apply ZTNASSE (e.g., Cloudflare WARP) policies.

• Continuous Improvement: Define metrics (coverage, policy efficacy, MTTDMTTR, configuration drift), run control health reviews, and close gaps across corporate and sovereign environments.

• Partner & Ship: Work with IT to validate endpoint agents and patching; document risks, decisions, and runbooks succinctly.

• What You Need

  • 3+ years in enterprisecorporate security engineering or operations.

  • U.S. citizenship is required for this role.

  • Proven delivery hardening Insider Risk, DLP, SaaS posture, and endpoint controls.

  • Hands‑on Okta administration and Google Workspace security configuration.

  • Experience with EDRMDM, SSPMCASB, DSPM, and ZTNASSE; macOSWindows hardening at scale.

  • Solid grasp of IAM and control mapping in FedRAMP‑aligned environments; familiarity with NIST 800‑53171.

  • Ability to identify gaps, design remediations, automate where possible, and drive adoption across teams.

  • Clear, concise communicator who writes crisp docs and runbooks.

  • NicetoHaves

    • Experience aligning Google Workspace and Okta to regulatedsovereign requirements.

    • Background scaling security in a high‑growth, cloud‑first company.

    • Relevant certs (CISSP, CISM, Security+, GIAC) or equivalent real‑world depth.

    • Benefits (for U.S.based fulltime employees)

      • 100% medical, dental & vision insurance coverage for you

        • Partially covered for your dependents

        • One Medical annual membership

        • • 401k (including employer match on contributions made while employed by Ramp)

          • Flexible PTO

          • Fertility HRA (up to $5,000 per year)

          • WFH stipend to support your home office needs

          • Wellness stipend

          • Parental Leave

          • Relocation support to NYC or SF (as needed)

          • Pet insurance

          • Referral Instructions

            If you are being referred for the role, please contact that person to apply on your behalf.

            Other notices

            Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

            Ramp Applicant Privacy Notice