Detection & Response, Lead

About RampRamp is building the smart infrastructure for finance teams, embedded in the transaction flow of every dollar a business spends. We automate how over $100B in annualized spend flows in and out of 50,000+ companies: authorizing payments, flagging risk, categorizing spend, and closing books.

The problems are high-stakes, data-dense, and unforgiving.

We hire people with high agency and high urgency. We look for slope over intercept. We care less about where you trained and more about what you’ve built. At Ramp, everyone is a builder who owns problems end to end and makes consequential decisions that shape the outcome.

The median Ramp customer saves 5% and grows revenue 16% in their first year – far in excess of businesses operating without Ramp. We believe every ambitious company deserves the same.

If you want to build systems that directly shape how companies move and manage billions, Ramp is the place to do it.

About the RoleJoin our growing security team and help drive security detection and response initiatives across Ramp. This will include a focus on maturing our security detection and alerting capabilities across our federal and public sector environments.

Please note that this role will require you to be comfortable with working in-person at our NYC HQ (located near Madison Square Park) at least 2 days/week

What You’ll Do

- Respond and assist with security requests and incidents submitted by Ramp team members

- Review logging, alerting, and audit sources to identify potential security incidents and perform initial triage on identified incidents

- Contribute to the creation, upkeep, and tuning of runbooks and security alerts to effectively handle, triage, and improve security alerts

- Work closely with the Ramp Security Engineers to improve security alerting and automated remediation

- Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers

- Design and implement automation to detect and respond to threats

What You Need

- 3-4 years of information technology experience or the equivalent combination of education, technical training, or work experience.

- Working experience in information security, especially on a Computer/Security Incident Response Team (C/SIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC)

- Experience with query-based log management solutions (ELK, Datadog, Panther, etc)

- Strong deductive reasoning and critical thinking skills

- Ability to communicate complex security issues to peers and management in a clear and effective manner.

- Strong written communication skills and the ability to succinctly document technical details

Nice to Haves

- Prior experience working with government entities or in a highly regulated environment

- Security Certifications such as CompTIA Security+, Network+, etc.

- Experience with workflow automation tooling (Tines, Swimlane, etc.)

Benefits (for U.S.-based full-time employees)- 100% medical, dental & vision insurance coverage for you

- Partially covered for your dependents

- One Medical annual membership

- 401k (including employer match on contributions made while employed by Ramp)

- Flexible PTO

- Fertility HRA (up to $10,000 per year)

- Parental Leave

- Unlimited AI token usage

- Pet insurance

- Centralized home-office equipment ordering for all employees

- Health and Wellness stipend

- In-office perks: lunch, snacks, drinks, and more

- Budget for intra-office travel

- Relocation support to NYC or SF (as needed)

Referral InstructionsIf you are being referred for the role, please contact that person to apply on your behalf.

Other noticesPursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Beware of recruiting scams: Ramp will only contact you through official @Ramp.com email addresses and will never ask for payment or sensitive personal information during the hiring process.

Ramp Applicant Privacy Notice