Key skills
Cyber SecurityAISaaSLeadershipOWASP
About this role
Role Overview
- Lead and grow a team of the best security engineers in the world, with a view of security that is engineering-driven, human-centric, and trust-based.
- Help define the strategy for Vanta’s application security program, and empower the team to implement robust security protocols and stay ahead of emerging threats.
- Leverage AI to improve efficiency of team processes, and improve the maturity of the overall security program.
- Work with the Engineering and Product Development team to assess and communicate acceptable levels of risk, mitigate that risk, and help ensure that Vanta products are developed with security in mind.
- Provide, both individually and through your team, expert feedback to Vanta’s Product, Engineering, and Design teams on our product offerings and serve as a strong customer voice in product development.
- Represent Vanta’s products, vision, and voice as a trusted security thought leader in public security forums.
Requirements
- Strong leadership experience in engineering-driven security and an ability to lead a technical team from a foundation of transparency and trust.
- Inherent alignment with our trust-based, human-centric security culture and our Security Engineering and Security Operations Team Principles – both internal to Vanta and externally – that is not based on using tactics of fear, uncertainty, or doubt as levers for action.
- Strong application security experience, with emphasis on implementing security controls in a SaaS environment.
- Familiarity with relevant industry regulations and standards (e.g., GDPR, ISO 27001, NIST 800-53) and experience ensuring compliance.
- Experience with leveraging AI to improve security processes.
- Understanding of a wide range of security technologies and an ability to stay updated on latest cybersecurity threats and trends; Deep understanding of / ability to guide and communicate technical direction for internal application security programs, including familiarity with common vulnerabilities like OWASP Top 10, and security tooling such as SAST, DAST, and other application security testing technologies.
- Ability to assess and analyze security risks comprehensively, considering both business impact and technical impact; Ability to prioritize risk remediation with consideration to business goals and objectives.
- Ability to build trust and strong partnerships internally with Product, Engineering, and other teams toward security goals.
- Open to using AI to amplify their skills and strengthen their work
- demonstrating curiosity, a willingness to learn, and sound judgment in applying AI responsibly to improve efficiency and impact.
Tech Stack
- Cyber Security
Benefits
- Comprehensive medical, dental, and vision coverage, with 100% of employee-only benefit premiums covered for most medical plans
- 16 weeks paid Parental Leave for all new parents
- Health & wellness stipend
- Remote workspace, internet, and cellphone stipend
- Commuter benefits for team members who report to the SF and NYC office
- Family planning benefits
- Matching 401(k) contribution with immediate vesting
- Flexible PTO policy, plus 80 hours of Sick Time
- 11 company-paid holidays
- Virtual team building activities, lunch and learns, and other company-wide events!