Manager, Vulnerability & Data Security

1 hour, 42 minutes ago
Full-time
Lead
Cybersecurity
Marqeta

Marqeta is a pioneer in modern card issuing and payment solutions, offering businesses instant card issuance and payment processing through their innovative open API platform.

Diversified Financial Services
251-1K
Founded 2010

Description

  • Lead vulnerability management strategy and operations, including asset coverage, scanning cadence, prioritization, and risk reduction.
  • Integrate Tenable and Snyk findings into engineering backlogs with clear remediation SLAs.
  • Partner with SRE, platform, and application teams to drive vulnerability remediation.
  • Establish risk-based prioritization using CVSS, KEV, EPSS, exploitability, and business criticality, and report dashboards to leadership.
  • Improve patching and configuration baselines and build secure-by-default preventative controls.
  • Coordinate vulnerability disclosure, penetration test intake, and threat-driven campaigns for actively exploited CVEs.
  • Report vulnerability program health, trends, and exceptions to security leadership and auditors.
  • Establish data ownership and stewardship across critical datasets, including roles, responsibilities, and decision rights.
  • Define and enforce data classification, access, and usage policies with least-privilege and segregation-of-duties guardrails.
  • Operationalize Sentra and Google DLP to monitor data exposure and access risks and drive remediation.
  • Build data lifecycle controls for creation, storage, use, sharing, archival, and destruction of data.
  • Partner with Security, Legal, Privacy, and Data teams to support data protection, compliance, and safe analytics/product use cases.
  • Develop and report data security metrics and leadership dashboards covering incidents, misconfigurations, toxic combinations, and policy violations.

Requirements

  • 7–10+ years of experience in information security.
  • 3+ years leading security programs or teams.
  • Experience managing vulnerabilities at scale with Tenable and Snyk across cloud-native environments, containers, endpoints, and CI/CD.
  • Experience building or maturing data security programs with Sentra (DSPM) and Google DLP.
  • Strong policy design and enforcement experience for data security.
  • Experience partnering across engineering, data, and compliance teams to turn risk into actionable plans.
  • Familiarity with PCI and SOX controls and audit requirements.
  • Knowledge of SDLC, DevSecOps, and cloud security architectures such as AWS, GCP, or Azure.
  • Comfort with IAM/IGA, SIEM, CNAPP, and ticketing/workflow integrations.
  • Understanding of data governance concepts such as stewardship and lineage.
  • Excellent communication and reporting skills with executive-ready metrics and narratives.
  • Regulated or fintech experience is preferred.
  • Certifications such as CISSP or CISM are a plus.
  • Experience automating Tenable/Snyk workflows into CI/CD and GRC/risk registers is nice to have.
  • Background in data governance, including stewardship councils and RACI, is nice to have.
  • Experience securing analytics platforms such as Snowflake, Databricks, or BigQuery is nice to have.
  • Exposure to SaaS Security Posture Management and third-party data controls at scale is nice to have.

Benefits

  • Remote-first Flexible First work model within the United States.
  • Competitive base salary of $167,100–$208,900 nationally, $179,800–$224,700 in Premium locations, and $195,400–$244,400 in Premium Plus locations.
  • Annual bonus opportunity for eligible employees.
  • Multiple health insurance options.
  • Flexible time off.
  • Retirement savings program with company contribution and after-tax contributions.
  • Equity in a publicly traded company plus an Employee Stock Purchase Program.
  • Family-forming benefits, fertility support, and up to 20 weeks of parental leave.
  • Free therapy sessions, financial coaching, professional coaching, and legal advice.
  • Monthly stipend to support remote work.
  • Annual development dollars for professional growth.
