You see a card. We see endless possibilities.™

Manager, Vulnerability & Data Security

Security EngineerSecurity EngineerFull TimeRemoteTeam 501-1,000Since 2010H1B SponsorCompany Site LinkedIn

Location

United States

Posted

92 days ago

Salary

$167.1K - $208.9K / year

Bachelor Degree10 yrs expExperience acceptedEnglishAWSAzureCloudGoogle Cloud PlatformRuby ON RailsSDLC

Job Description

• Lead program strategy and operations: asset coverage, scanning cadence, prioritization, and measurable risk reduction using Tenable (Nessus/SC/IO) and Snyk. • Integrate Tenable and Snyk findings into engineering backlogs with clear SLAs; partner with SRE, platform, and application teams to drive remediation. • Establish risk-based prioritization (CVSS, KEV, EPSS, exploitability, business criticality) and publish dashboards for transparency to leadership. • Mature patching and configuration baselines; build preventative controls and secure-by-default guardrails. • Coordinate vulnerability disclosure, pen test intake, and threat-driven campaigns for actively exploited CVEs. • Report program health, trends, and exceptions to security leadership and auditors. • Establish clear data ownership and stewardship across critical datasets; define roles, responsibilities, and decision rights. • Define and enforce data classification, access, and usage policies; drive best practices and guard rails for least privilege and segregation of duties. • Operationalize Sentra (DSPM) and Google DLP to monitor data exposure and access risks; drive timely remediation with accountable teams. • Build data lifecycle controls (creation, storage, use, sharing, archival, destruction) and technical guardrails embedded in platforms and workflows. • Ensure compliance with data protection regulations (e.g., PCI, SOX); partner on control design, testing, and evidence collection. • Collaborate with Security, Legal, Privacy, and Data teams to protect data across its lifecycle and enable safe analytics/product use cases. • Develop metrics (DLP incidents, misconfigurations, toxic combinations, stale sensitive datasets, policy violations) and report to leadership.

Job Requirements

7–10+ years in information security with 3+ years leading programs or teams; regulated/fintech experience preferred.
Hands-on depth managing vulnerabilities at scale with Tenable and Snyk across cloud-native, containers, endpoints, and CI/CD.
Practical experience building/maturing data security programs with Sentra (DSPM) and Google DLP; strong policy design and enforcement.
Partner management across engineering, data, and compliance; able to translate risk into actionable plans and measurable outcomes.
Familiarity with PCI and SOX; knowledge of SDLC, DevSecOps, and cloud security architectures (AWS/GCP/Azure).
Comfort with IAM/IGA, SIEM, CNAPP, and ticketing/workflow integrations; solid grasp of data governance concepts (stewardship, lineage).
Excellent communication and reporting—clear narratives, crisp metrics, executive-ready updates.
Certifications such as CISSP or CISM are a plus.

Benefits

Multiple health insurance options
Flexible time off – take what you need
Retirement savings program with company contribution and after tax contributions
Equity in a publicly-traded company and an Employee Stock Purchase Program
Family-forming benefits, fertility support, and up to 20 weeks of Parental Leave
Free therapy sessions, financial and professional coaching, and legal advice
Monthly stipend to support our remote work model
Annual “development dollars” to support our people growth and development
Through Flex First, the freedom to live and work wherever you and your family thrive