Vanta

Senior Manager, Security Engineering

Remote

fulltime

Ready to apply? Let us help you stand out.

Apply with Standout Apply Directly

About the role

At Vanta, our mission is to help businesses earn and prove trust. We believe that security should be monitored and verified continuously, and we empower companies to practice better security and prove it with ease. Vanta has a kind and talented team, and while some have prior security experience, many have been successful at Vanta without it. Vanta lives at the intersection of security and compliance, and our customers range from novices to deep experts - all of whom need and value having strong security and compliance programs driven by the best-in-market automation and orchestration tools we provide. We are seeking an experienced Senior Manager of Security, reporting to the Director of Security, to lead our exceptionally talented Security Engineering team. Vanta’s Security Engineering team provides essential security operational services, is directly involved in the software development process, sets policies and standards regarding enterprise-wide security requirements, and offers advisory services to enable our business to thrive while effectively managing risk. What you’ll do as a Senior Manager of Security at Vanta: Lead and grow a team of the best security engineers in the world, with a view of security that is engineering-driven, human-centric, and trust-based. Help define the strategy for Vanta’s application security program, and empower the team to implement robust security protocols and stay ahead of emerging threats. Leverage AI to improve efficiency of team processes, and improve the maturity of the overall security program. Work with the Engineering and Product Development team to assess and communicate acceptable levels of risk, mitigate that risk, and help ensure that Vanta products are developed with security in mind. Provide, both individually and through your team, expert feedback to Vanta’s Product, Engineering, and Design teams on our product offerings and serve as a strong customer voice in product development. Represent Vanta’s products, vision, and voice as a trusted security thought leader in public security forums. How to be successful in this role: Strong leadership experience in engineering-driven security and an ability to lead a technical team from a foundation of transparency and trust. Inherent alignment with our trust-based, human-centric security culture and our Security Engineering and Security Operations Team Principles – both internal to Vanta and externally – that is not based on using tactics of fear, uncertainty, or doubt as levers for action. Strong application security experience, with emphasis on implementing security controls in a SaaS environment. Familiarity with relevant industry regulations and standards (e.g., GDPR, ISO 27001, NIST 800-53) and experience ensuring compliance. Experience with leveraging AI to improve security processes. Understanding of a wide range of security technologies and an ability to stay updated on latest cybersecurity threats and trends; Deep understanding of / ability to guide and communicate technical direction for internal application security programs, including familiarity with common vulnerabilities like OWASP Top 10, and security tooling such as SAST, DAST, and other application security testing technologies. Ability to assess and analyze security risks comprehensively, considering both business impact and technical impact; Ability to prioritize risk remediation with consideration to business goals and objectives. Ability to build trust and strong partnerships internally with Product, Engineering, and other teams toward security goals. Open to using AI to amplify their skills and strengthen their work - demonstrating curiosity, a willingness to learn, and sound judgment in applying AI responsibly to improve efficiency and impact. What you can expect as a Vanta’n: Industry-competitive salary and equity Comprehensive medical, dental, and vision coverage, with 100% of employee-only benefit premiums covered for most medical plans 16 weeks paid Parental Leave for all new parents Health & wellness stipend Remote workspace, internet, and cellphone stipend Commuter benefits for team members who report to the SF and NYC office Family planning benefits Matching 401(k) contribution with immediate vesting Flexible PTO policy, plus 80 hours of Sick Time 11 company-paid holidays Virtual team building activities, lunch and learns, and other company-wide events! Offices in SF, NYC, London, Dublin, Tel Aviv, and Sydney To provide greater transparency to candidates, we share base pay ranges for all US-based job postings regardless of state. We set standard base pay ranges for all roles based on function, level, and country location, benchmarked against similar-stage growth companies. Final offer amounts are determined by multiple factors and may vary based on candidate location, skills, depth of work experience, and relevant licenses/credentials. #LI-remote At Vanta, we are committed to hiring diverse talent of different backgrounds and as such, it is important to us to provide an inclusive work environment for all. We do not discriminate on the basis of race, gender identity, age, religion, sexual orientation, veteran or disability status, or any other protected class. As an equal opportunity employer, we encourage and welcome people of all backgrounds to apply. About Vanta We started in 2018, in the wake of several high-profile data breaches. Online security was only becoming more important, but we knew firsthand how hard it could be for fast-growing companies to invest the time and manpower it takes to build a solid security foundation. Vanta was inspired by a vision to restore trust in internet businesses by enabling companies to improve and prove their security. From our early days automating security monitoring for compliance standards like SOC 2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making security continuous—not just a point-in-time check— is essential. Thousands of companies rely on Vanta to build, maintain and demonstrate their trust— all in a way that's real-time and transparent. Referral Instructions If you are being referred for the role, please contact that person to apply on your behalf.

About Vanta Vanta (YC W18) is the leading automated compliance and trust management platform designed to simplify and centralize compliance and security workflows for organizations of all sizes.

Why YC Startups Need Vanta As a YC company, proving your security compliance is crucial for hitting new milestones—from finding product market fit, to selling to bigger customers. We would know, we’ve been there—and we’ve helped over 10,000 customers do just that! Vanta's all-in-one solution, combined with expert service partners, helps you quickly and painlessly achieve and maintain compliance with top frameworks—like SOC 2 and ISO 27001—and build a strong security foundation, so you can close bigger deals and scale faster. Learn more at vanta.com.

YC Companies get Exclusive Discounts on Vanta’s packages: Vanta’s packages for startups are designed to make security and compliance easier, faster, and more cost-effective. Whether you’re closing your first deal or gearing up for growth, our all-in-one solution provides the tools necessary to become compliant quickly, demonstrate your security posture, and build a strong security foundation.

Why Vanta?

Built for startups: Vanta knows startups. We went through YC in 2018 and have since helped thousands of startups, including YC companies Supabase (YC S20), Fern (YC W23), and Newfront (YC W18) achieve and maintain compliance quickly. Startups like Charityvest (YC S20), BreachRX, and Flo Health have gone from zero to SOC 2 Type I or ISO 27001 certification in 10 days or less with Vanta.

Future-proof, feature-rich, automated platform: Vanta’s modular platform is built for the needs of today and tomorrow, including:

35+ frameworks spanning security, privacy, industry, geographic, and custom frameworks
375+ integrations that automate evidence collection for these frameworks
1,200+ automated, hourly tests to ensure real, continuous security—not just at audit time, but all the time
Pre-built policy templates, lightweight agent for security checks, background checks, cyber insurance, cookie consent management, auditor portal, user access reviews, security awareness training, risk assessments, vendor security reviews, managing vulnerabilities, and more
Tailored support for early-stage companies: Vanta offers internal, no-cost Customer Success and GRC (compliance) experts, robust technical support, detailed documentation, and a 24/7 chatbot for frequently asked questions.
(Optional) Purchase Vanta with auditors experienced in your framework and the Vanta platform, or choose from a range of MSP/consulting partners for additional services like penetration tests and virtual CISO support—some at no cost. We don’t force vendor lock-in.
Transparent pricing and promises: Vanta strives to do what it says on the tin: we believe in setting and meeting customer expectations. We offer flexible contracts, fair and transparent pricing, and publish our support metrics. We prefer to focus on helping customers succeed and let them explain why they chose us over others—check out our G2 reviews and customer case studies!

Proven market leader and well-funded: Vanta was founded in 2018 and has raised $350M with over 700 employees. We’ve guided over 10,000 customers through their first or multiple audit cycles for various frameworks. These customer learnings and our funding help drive a fast pace of product development to delight customers and ensure Vanta will be there for you in the future.

Interested in seeing why Upflow (YC W20), Tailor (YC S22), and hundreds of other YC companies trust Vanta to automate compliance so they can focus on scaling? Reach out to our team at [email protected] to get started!

Senior Manager, Security Engineering

About the role

About Vanta

Other roles at Vanta

Job details

Company

Founders