Founding Staff Security Engineer | Detection & Response

New York, Miami, Remote

Applications have closed
Ramp logo


Join thousands of forward-thinking businesses using Ramp to control spend, save time, and automate busywork.

Ramp is building the next generation of finance tools—from corporate cards and expense management, to bill payments and accounting integrations—designed to save businesses time and money with every click. More than 10,000 customers cut their expenses by 3.5% per year and closing their books 8x faster by switching to the Ramp platform.

Founded in 2019, Ramp powers the fastest-growing corporate card and bill payment software in America and enables billions of dollars of purchases each year. Ramp continues to grow at an increasingly large scale, more than doubling its revenue run rate in the first half of 2022.

Valued at $8.1 billion, Ramp's investors include Founders Fund, Stripe, Citi, Goldman Sachs, Coatue Management, D1 Capital Partners, Redpoint Ventures, General Catalyst, and Thrive Capital, as well as over 100 angel investors who were founders or executives of leading companies. The Ramp team comprises talented leaders from leading financial services and fintech companies—Stripe, Affirm, Goldman Sachs, American Express, Mastercard, Visa, Capital One—as well as technology companies such as Meta, Uber, Netflix, Twitter, Dropbox, and Instacart. Ramp was named Fast Company’s most innovative finance company in 2022.

About the Role

Join our growing security team in a foundational role focused on defining and executing our vision for threat detection and incident response capabilities at Ramp. You will have direct impact building, optimizing, automating, and growing security capabilities to minimize adverse events and protect our brand. This role will also serve as a security partner to Ramp Risk and Financial Engineering on active project areas such as fraud detection and defenses.

What You’ll Do

  • Define and execute strategy for threat detection and incident response to ensure safety within our network, corporate services, and platform applications
  • Coordinate and drive resolution on a diverse range of incidents as part of an on-call team
  • Lead threat modeling exercises, developing and implementing remediation and improvement plans
  • Build and deploy automation to cover core capabilities, and write detections to fit our use cases beyond built-in SIEM rules
  • Become the directly responsible individual for existing SecOps augmentation services and relevant security tooling

What You Need

  • Minimum 7 years of hands-on technical experience in security engineering, systems engineering, software engineering, or network engineering
  • Minimum 4 years of experience defining and building detection and response programs in highly regulated industries (ie. Healthcare, Finance)
  • Minimum 3 years of experience in incident response including host and cloud forensics, incident management, threat intelligence, threat hunting, and/or security detection - ideally at a fast growing startup
  • Ability to analyze attacker tactics, techniques and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems
  • Experience deploying, configuring, and administering advanced technologies like SIEM, SOAR or UEBA
  • Working knowledge of scripting languages (e.g., Python, Java, shell scripting)
  • Knowledge in cloud-based services and infrastructure (AWS, Okta, Google Workspace, Slack) and automation tools around these services (Terraform, etc.)
  • Ability to collaborate with cross-functional partner teams, such as Legal, Communications, and Engineering for efficient, large-scale response

Nice to Haves

  • Possess or could obtain one of the following certifications: CISSP, GCED, GCIH, GCFA, CISA, CEH, etc.
  • Experience deriving Security Operations Metrics (MTTD/MTTR)
  • Experience using MITRE ATT&CK framework for incident simulations, and tabletop exercises
  • Experience with AWS, Datadog, Panther, Crowdstrike, etc.

Ramp Benefits (for U.S. based employees)

  • 100% medical, dental & vision insurance coverage for you
    • Partially covered for your dependents
    • OneMedical annual membership
  • 401k (including employer match)
    • Please note only 401k contributions made while employed by Ramp are eligible for an employer match
  • Unlimited PTO
  • Annual education reimbursement
  • WFH stipend to support your home office needs
  • Monthly wellness stipend; Headspace annual membership
  • Parental Leave
  • Relocation support

* Salary range is an estimate based on our salary survey 💰

Tags: Automation AWS CEH CISA CISSP Cloud Finance FinTech Forensics GCED GCFA GCIH Incident response Java MITRE ATT&CK Python Scripting SecOps SIEM SOAR Strategy Terraform Threat detection Threat intelligence TTPs

Perks/benefits: 401(k) matching Health care Home office stipend Medical leave Parental leave Relocation support Startup environment Team events Unlimited paid time off Wellness

Regions: Remote/Anywhere North America
Country: United States
Job stats:  14  3  0

Other jobs like this

Explore more Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.