Security Program Manager, AI Assurance

About RampAt Ramp, we’re rethinking how modern finance teams function in the age of AI. We believe AI isn’t just the next big wave. It’s the new foundation for how business gets done. We’re investing in that future — and in the people bold enough to build it.Ramp is a financial operations platform designed to save companies time and money. Our all-in-one solution combines payments, corporate cards, vendor management, procurement, travel booking, and automated bookkeeping with built-in intelligence to maximize the impact of every dollar and hour spent. More than 50,000 businesses, from family-owned farms to e-commerce giants to space startups, have saved $10B and 27.5M hours with Ramp. Founded in 2019, Ramp powers the fastest-growing corporate card and bill payment platform in America, and enables over $100 billion in purchases each year.Ramp’s investors include Lightspeed Venture Partners, Thrive Capital, Sands Capital, General Catalyst, Founders Fund, Khosla Ventures, Sequoia Capital, Greylock, Redpoint, and ICONIQ, as well as over 100 angel investors who were founders or executives of leading companies. The Ramp team comprises talented leaders from leading financial services and fintech companies—Stripe, Affirm, Goldman Sachs, American Express, Mastercard, Visa, Capital One—as well as technology companies such as Meta, Uber, Netflix, Twitter, Dropbox, and Instacart.Ramp has been named to Fast Company’s Most Innovative Companies list and LinkedIn’s Top U.S. Startups for more than 3 years, as well as the Forbes Cloud 100, CNBC Disruptor 50, and TIME Magazine’s 100 Most Influential Companies.About the RoleThis business-enabling role will have a direct impact on scaling and strengthening Ramp’s security and compliance programs. You will drive initiatives across security compliance, governance, risk management, and assurance to enhance our security posture, support customer, partner, and regulatory due diligence, and advance scalable, business-aligned security practices. You will also help thoughtfully integrate emerging areas such as AI assurance into our broader GRC strategy to enable responsible innovation and sustained growth.What You’ll DoLead and support security and compliance programs to achieve and maintain key certifications and attestations (e.g., SOC 2, ISO 27001, PCI-DSS, SOX, ISO 42001, AIUC-1), while building scalable processes to support future framework expansion and geographic growth.Partner cross-functionally with Product, Engineering, IT, Finance, Legal, People, and Go-to-Market teams to translate regulatory, customer, and emerging requirements (including AI governance considerations) into practical, actionable controls.Support the design, implementation, and monitoring of IT General Controls (ITGCs), automated controls, and financial system governance processes, including access management, change management, and configuration oversight.Support and lead audit and assurance activities, including planning and coordination with external auditors and independent assessors, conducting control walkthroughs, managing evidence collection, and maintaining audit-ready documentation.Strengthen customer assurance programs by evaluating vendor security practices, responding to customer due diligence requests, and identifying opportunities for automation and continuous monitoring within GRC workflows.Build scalable audit management processes and documentation systems that will support future expansion to additional geographies and compliance frameworksWhat You Need5+ years of experience in security, risk, audit, or compliance roles within cloud-based or highly regulated environments (e.g., SaaS, financial services).Working knowledge and experience supporting security certifications and regulatory audits (e.g., SOC 2, ISO 27001, PCI-DSS, SOX), including control documentation, testing, evidence collection, and auditor coordination.Experience contributing to risk management and/or third-party risk programs, including performi ... (truncated, view full listing at source)