Upstart Inc. San Francisco , CA 94118
Posted 2 months ago
The Team
Upstart's Information Security team has a mix of professionals with different areas of deep expertise - from Application Security, to Cloud Security, Incident Response, Detection Engineering, and more. The team is responsible for ensuring we have a good understanding of the security gaps in our environment, and works to mitigate unnecessary risk across the company.
As the Senior Manager of Security Engineering at Upstart, you will work with Upstart's engineering and product management teams to ensure that our product platform is secure, safe and reliable. As a strategic leader, you will have direct responsibility for our product security and support Upstart's growth while guarding the platform and its assets, our people and our processes. As one of the key resources on the Security team, you will have significant influence over the design of Upstart's Security program.
Position Location
Time Zone Requirements
Travel Requirements
How you'll make an impact:
Inform and oversee the development and execution of a comprehensive strategy for application security
Ensure that security resources and practices align to business needs, priorities and requirements
Evangelize the product security roadmap and seek alignment with stakeholders
Manage and report on security engineering KPIs and metrics
Help identify Upstart's internal and external attack surface in a dynamic environment
Work closely with our engineering and data science teams to securely design and implement new products and features
Establish and mature the secure software development lifecycle
Operate as an integral member of the engineering team and advocate for security best practices across the organization
What we're looking for:
Minimum requirements:
Demonstrable track record as an influential leader, delivering security solutions with multiple stakeholder groups
Extensive security engineering background, with expertise and knowledge in infrastructure security concepts, web application security, encryption, and penetration/vulnerability tools
Understanding of Information Security policies, procedures, privacy rules & regulations
Experience managing multiple and simultaneous, significant information security initiatives and programs
Preferred qualifications:
10+ years of experience in a high-security environment and at least 5 years in a management capacity
Leadership experience managing geographically distributed teams
Certifications in IT or cybersecurity (e.g. CISSP, CISM, GSLC, OSCE)
AWS, Kubernetes and CI/CD pipeline experience
Contributions to the security industry (e.g. white papers, OSS projects, patents)
What you'll love:
Competitive Compensation (base + bonus & equity)
Comprehensive medical, dental, and vision coverage with Health Savings Account contributions from Upstart
401(k) with 100% company match up to $4,500 and immediate vesting and after-tax savings
Employee Stock Purchase Plan (ESPP)
Life and disability insurance
Generous holiday, vacation, sick and safety leave
Supportive parental, family care, and military leave programs
Annual wellness, technology & ergonomic reimbursement programs
Social activities including team events and onsites, all-company updates, employee resource groups (ERGs), and other interest groups such as book clubs, fitness, investing, and volunteering
Catered lunches + snacks & drinks when working in offices
#LI-REMOTE
#LI-MidSenior
Upstart Inc.