Security Program Manager, AI Assurance
Ramp
ABOUT RAMP
Ramp is building the smart infrastructure for finance teams, embedded in the transaction flow of every dollar a business spends. We automate how over $100B in annualized spend flows in and out of 50,000+ companies: authorizing payments, flagging risk, categorizing spend, and closing books.
The problems are high-stakes, data-dense, and unforgiving.
We hire people with high agency and high urgency. We look for slope over intercept. We care less about where you trained and more about what you've built. At Ramp, everyone is a builder who owns problems end to end and makes consequential decisions that shape the outcome.
The median Ramp customer saves 5% and grows revenue 16% in their first year, far in excess of businesses operating without Ramp. We believe every ambitious company deserves the same.
If you want to build systems that directly shape how companies move and manage billions, Ramp is the place to do it.
ABOUT THE ROLE
This business-enabling role will have a direct impact on scaling and strengthening Ramp's security and compliance programs. You will drive initiatives across security compliance, governance, risk management, and assurance to enhance our security posture, support customer, partner, and regulatory due diligence, and advance scalable, business-aligned security practices. You will also help thoughtfully integrate emerging areas such as AI assurance into our broader GRC strategy to enable responsible innovation and sustained growth.
WHAT YOU'LL DO
- Lead and support security and compliance programs to achieve and maintain key certifications and attestations (e.g., SOC 2, ISO 27001, PCI-DSS, SOX, ISO 42001, AIUC-1), while building scalable processes to support future framework expansion and geographic growth.
- Partner cross-functionally with Product, Engineering, IT, Finance, Legal, People, and Go-to-Market teams to translate regulatory, customer, and emerging requirements (including AI governance considerations) into practical, actionable controls.
- Support the design, implementation, and monitoring of IT General Controls (ITGCs), automated controls, and financial system governance processes, including access management, change management, and configuration oversight.
- Support and lead audit and assurance activities, including planning and coordination with external auditors and independent assessors, conducting control walkthroughs, managing evidence collection, and maintaining audit-ready documentation.
- Strengthen customer assurance programs by evaluating vendor security practices, responding to customer due diligence requests, and identifying opportunities for automation and continuous monitoring within GRC workflows.
- Build scalable audit management processes and documentation systems that will support future expansion to additional geographies and compliance frameworks.
WHAT YOU NEED
- 5+ years of experience in security, risk, audit, or compliance roles within cloud-based or highly re