Create Profile Get Hired (Beta)

Senior Staff Infosec Technical Program Manager

San Francisco
Alarm Full Time

Job Description

Serve as a partner to all engineering leaders and teams to mature the information security program for the organization moving forward. Report to the Head of Information Security and drive Infosec initiatives by creating streamlined processes, communicate consistently and frequently, to build trust across the organization and prioritizing areas for investment. Serves as an advisor to the team, to ensure they are as efficient and effective. Lead initiatives with teams across Ripple to continually improve security posture and ensure our information security objectives are met. Co-create and help articulate Information Security strategy across the company. Aid in solving tech problems with urgency by helping teams reach consensus by asking the right questions and offering solutions. Create dashboards to measure security program performance in key areas over time. Own and drive OKRs across Infosec and ensure our assurance processes are continually improving. Provide regular program strategy and performance updates. Telecommuting permitted 50% or more but less than 100% per week within same geographic location as assigned office location.

Job Requirements: 

Must have a Master’s degree in Computer Science, Computer Engineering, or a related field plus six (6) years of experience in information security. 

Of the required experience, must have two (2) years of experience in Technical Program Management of each of the following (which may be gained concurrently): 

  • leading security strategy and execution across two or more cybersecurity domains
  • creating and delivering Information Security program metrics and goals

Of the required experience, must have two (2) years of experience in Information Security of each of the following (which may be gained concurrently):

  • secure software development lifecycle (SDLC)
  • continuous integration and continuous delivery systems (Gitlab, Jenkins)
  • product security assessments 
  • threat and vulnerability management programs and tooling (Tenable, Qualys, Brinqa, Kenna)

#LI-DNI


WHO WE ARE:

Ripple is doing for value what the internet did for information: enabling its instant and seamless flow around the world. We call this the Internet of Value (IoV). Using blockchain and cryptocurrency technology, Ripple is dedicated to creating powerful gains in financial efficiency, equity and inclusion. In addition, Ripple is developing and enabling the future use cases that will catalyze the new digital economy for governments, businesses and consumers.

Ripple has offices in San Francisco (HQ), New York, London, Mumbai, Singapore, São Paulo, Toronto, Reykjavík, Washington D.C. and Dubai.

WHAT WE OFFER – The resources and support to be your best at work and beyond:

Do Your Best Work

  • The opportunity to build in a fast-paced start-up environment with experienced industry leaders
  • A learning environment where you can dive deep into the latest technologies and make an impact.  A professional development budget to support other modes of learning.
  • Thrive in an environment where no matter what race, ethnicity, gender, origin, or culture they identify with, every employee is a respected, valued, and empowered part of the team.
  • Ripple is Flexible First: you have the option to work remotely, from our offices, or a combination of the two within the 11 countries we are located around the world.
  • Weekly all-company meeting - business updates and ask me anything style discussion with our Leadership Team
  • We come together for moments that matter which include team off-sites, team bonding activities, happy hours and more!

Take Control of Your Finances

  • Competitive salary, bonuses, and equity
  • Bonus Flexibility Program: Participants in the Corporate Bonus Plan have the option to elect to receive their annual bonus in cash, equity or XRP, or a combination.
  • 100% paid medical and dental and 95% paid vision insurance for employees starting on your first day
  • 401k (with match) 
  • Commuter benefits
  • Employee giving match
  • Mobile phone stipend

Take Care of Yourself

  • Twice a quarter R&R days so you can rest and recharge
  • Generous wellness reimbursement and weekly onsite & virtual programming
  • Flexible vacation policy - work with your manager to take time off when you need it
  • Industry-leading parental leave policies. Family planning benefits.
  • Catered lunches, fully-stocked kitchens with premium snacks/beverages, and plenty of fun events

Benefits listed above are for full-time employees. Interns - please discuss benefits with your recruiter.


Ripple is an Equal Opportunity Employer. We’re committed to building a diverse and inclusive team. We do not discriminate against qualified employees or applicants because of race, color, religion, gender identity, sex, sexual identity, pregnancy, national origin, ancestry, citizenship, age, marital status, physical disability, mental disability, medical condition, military status, or any other characteristic protected by local law or ordinance.
 
Please find our UK/EU Applicant Privacy Notice and our California Applicant Privacy Notice for reference.
Ripple

Ripple

Discover why hundreds of financial institutions choose Ripple to provide a better international payments experience for their customers in real-time.

Similar Jobs

Technical Senior Security Program Manager

OpenSea
Remote
Full Time Full Time
Dec 08, 2022

Students Program Vac

Status
Remote
Full Time Full Time
Dec 08, 2022

Technical Writer

DFINITY
Remote
Full Time Full Time
Dec 07, 2022

Staff Accountant, Temporary

cLabs
Remote
Full Time Full Time
Dec 16, 2022

Staff Accountant (Temporary)

cLabs
New York
Full Time Full Time
Dec 25, 2022

Senior Manager, Growth Marketing (Core)

Ava Labs
Brooklyn
Full Time Full Time
Dec 07, 2022

Senior Manager, Growth Marketing (Platform)

Ava Labs
Brooklyn
Full Time Full Time
Dec 07, 2022
You Might Also Be Interested In The Job Below

Technical Senior Security Program Manager

Remote
Alarm Full Time

Job Description

OpenSea is the first and largest marketplace for non-fungible tokens, or NFTs. Applications for NFTs include collectibles, gaming items, domain names, digital art, and many other items backed by a blockchain. OpenSea is an open, inclusive web3 platform, where individuals can come to explore NFTs and connect with each other to purchase and sell NFTs. At OpenSea, we're excited about building a platform that supports a brand new economy based on true digital ownership and are proud to be recognized as Y Combinator's #4 ranked top private company.

When hiring candidates, we look for signals that a candidate will thrive in our culture, where we default to trust, embrace feedback, grow rapidly, and love our work. We also know how critical it is to celebrate and support our differences. Employing a team rich in diverse thoughts, experiences and opinions enables our employees, our product and our community to flourish. We are dedicated to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. To help facilitate this, we support remote, hybrid or onsite work at either New York City, San Francisco or the Silicon Valley for the majority of our opportunities.

We are looking for a Security Program Manager that will drive our vulnerability management program and security initiatives across product, engineering, and business enablement. As the first security program manager, you will establish the foundation in which the security team and company will build on top of. Below is a list of high level programs where we are looking for a senior program manager to step in and drive immediately. Each program has significant depth when fully built out and more security focused programs will need to be created over time. 

Responsibilities

  • Lead the Vulnerability Management Program by accelerating and improving the quality of the findings through our public bug bounty program, third party pentests, and internal red teaming. Then ensure timely and accurate triage of findings by partnering with the Application Security Engineering group. Ultimately driving to remediation of identified vulnerabilities across the organization from incident response for critical findings to backlog management for low severity findings
  • Improve the security incident management process and incident command active security incidents in order to reduce the active time of exposure and ensure we do not have repeat incidents.
  • Partner with the InfraSec team to drive the Vendor Security Audit Program to ensure proper awareness of risk exposure of vendors
  • Partner with the AppSec team to drive Product Security Reviews to enable high velocity product teams to build secure by design products
  • Manage our threat intelligence gathering (both physical and cyber) to ensure the team and company make decisions with proper awareness of the threat landscape.
  • Provide insight and suggestions to steer the security roadmap
  • Desired Experience

  • Strong program management skills in both designing programs and facilitating them
  • Influence and affect change in cross functional collaborators in order to successfully complete tasks within required timelines.
  • Prioritize effectively and multitask efficiently
  • Understanding of common styles of vulnerabilities and how they apply various systems
  • Risk analysis and risk based decision making skills
  • Excellent written and verbal communication skills as you’ll be communicating publicly with researchers and partners.

  • If you don't think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box, and we're looking for someone who is excited to join the team.