Apply on Employer Site

Ramp · 1 week ago

Senior Security Analyst | Corporate Security

New York, NY

Full-time

Hybrid

Mid, Senior Level

$160K/yr - $221K/yr

3+ years exp

Ramp is a financial operations platform that is rethinking how modern finance teams function in the age of AI. As a Senior Security Analyst in Corporate Security, you will own and scale core security programs while ensuring the secure rollout of AI-driven capabilities across identity, endpoints, SaaS, and data.

FinanceFinancial ServicesFinTech

No H1B

U.S. Citizen Only

Responsibilities

Own core enterprise security programs Lead and continuously improve Insider Risk and DLP across Ramp—from policies and detections to playbooks, case handling, and stakeholder training

Secure SaaS at scale Manage and harden our SaaS stack (SSPM/CASB and native controls):

Remediate misconfigurations

Remove stale accounts/admins

Enforce key rotation and safe OAuth scopes

Gate risky apps and integrations

Run sovereign / FedRAMP‑aligned environments Operate sovereign Google Workspace and Okta tenants with strict access, monitoring, and logging. Partner with GRC to ensure controls align to NIST 800‑53/800‑171 and FedRAMP‑aligned requirements without slowing down the business

Modernize identity & access Work with IT and Security Engineering to enforce:

Phishing‑resistant MFA

Device‑aware and context‑aware access

Least privilege and just‑in‑time (JIT) patterns

SCIM‑based lifecycle management

Strong break‑glass access patterns and reviews

Harden endpoints and network Help keep our macOS and Windows fleets secure at scale using EDR, MDM, and disk encryption; drive patch SLAs; and enforce ZTNA/SSE policies (e.g., Cloudflare WARP) for secure access to internal resources

Measure, review, and improve Define and track key metrics (coverage, policy efficacy, MTTD/MTTR, configuration drift). Run regular control health reviews and drive remediation with partner teams

Automate and simplify Use scripting, APIs, or workflow tools to reduce manual toil in enterprise security operations (e.g., account hygiene, access reviews, configuration checks, alert triage)

Partner & communicate Collaborate closely with IT, Engineering, Legal, People, and GRC. Write clear docs, runbooks, and decision records that make it easy for others to operate and build on your work

Qualification

Enterprise security engineeringInsider RiskData Loss Prevention (DLP)SaaS securityEndpoint securityOkta administrationGoogle Workspace administrationEDR toolsMDM toolsScripting skillsNIST complianceCommunication skillsCollaboration skillsProblem-solving skills

Required

3+ years in enterprise/corporate security engineering or operations, with hands-on ownership of security controls for identity, endpoints, SaaS, or data

U.S. citizenship is required for this role due to the nature of our sovereign / FedRAMP-aligned environments

Practical experience implementing and tuning Insider Risk, DLP, SaaS posture, or endpoint security in a cloud-first environment

Hands-on administration of a modern identity provider and collaboration suite—Okta and Google Workspace are ideal, but similar experience (e.g., Azure AD / Entra ID, Microsoft 365) is highly relevant

Familiarity with tools and concepts like EDR, MDM, SSPM/CASB, DSPM, and ZTNA/SSE, and experience hardening macOS and/or Windows at scale

Experience aligning controls to at least one security framework or regulated environment (e.g., FedRAMP, NIST 800-53/171, SOC 2, ISO 27001) and translating requirements into practical enterprise controls

You can spot gaps, design pragmatic remediations, and drive them to completion across multiple teams

You're comfortable using automation (scripts, workflows, or low-code tools) to make security more scalable and less manual

You communicate clearly—whether you're writing a runbook, summarizing risk tradeoffs, or explaining a control choice to non-security partners

You enjoy partnering with IT and Engineering to get things shipped, not just documented