Senior Manager - Security Risk Engineering (Boston, MA)
Klaviyo
This job is with Klaviyo, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly.
At Klaviyo, we value the unique backgrounds, experiences and perspectives each Klaviyo (we call ourselves Klaviyos) brings to our workplace each and every day. We believe everyone deserves a fair shot at success and appreciate the experiences each person brings beyond the traditional job requirements. If you’re a close but not exact match with the description, we hope you’ll still consider applying. Want to learn more about life at Klaviyo? Visit klaviyo.com/careers to see how we empower creators to own their own destiny.
About the team:An exciting opportunity within the Security Trust and Risk (STAR) team whose mission is to ensure the safety and security of our customers, partners and Klaviyos as well as deliver best in class technology solutions, infrastructure and services. This is achieved by providing a robust and secure technology foundation to do great work. We solve problems using technology, embrace automation and AI, and support Klaviyo's continued scalability and sustainable employee growth in a rapidly evolving environment.
The STAR team assists the Global Security Services (GSS) organization in developing and refining information security policies, standards and strategy, enterprise risk management, creating metrics and reporting, coordinating cross-functional projects, and strategically aligning global information security initiatives with the broader CISO vision amongst other governance, risk and compliance efforts. The STAR team is highly collaborative and cross-functional, working closely with various functions within the GSS team (namely Security Product and Development and Security Intelligence Operations), Global Technology Solutions (GTS) team and the broader Klaviyo organization.
About the role:The Senior Manager, Security Risk Engineering is a senior information security and risk leader responsible for evolving risk management at Klaviyo from a traditional, cyber-centric, compliance-driven model into a real-time, business-aligned, engineering-led risk intelligence capability. Reporting into the Director of Security Trust and Risk, you will lead the Security Risk Engineering team as a second line of defense — owning technology risk management, third-party risk, risk quantification, and the risk intelligence and automation capability that turns disparate security signals into a single, decision-enabling view of risk.
You will operate as a credible, hands-on risk authority who can challenge and partner with engineering and security teams while maintaining independence from first-line delivery. You will build a team that thinks like risk engineers rather than traditional analysts — automating repeatable assessment, instrumenting controls, and applying AI as foundational infrastructure. You will partner with Engineering, Product, GTS, Legal, Audit, Finance, and the wider GSS organization to make risk legible across the business and to move Klaviyo's risk posture measurably forward.
How you’ll have an impact:- Lead the transition of risk management from a cyber-centric model to an enterprise-wide framework — expanding scope beyond cybersecurity to operational, financial, regulatory, and third-party risk, with integrated remediation tracking and clear ownership of outcomes
- Own the risk register and taxonomy, establishing a consistent standard (threat actor, technique, scenario, safeguard, loss event, quantification) so that aggregation, prioritisation, and reporting become meaningful
- Quantify risk in financial terms — expected loss, probability, and cost of remediation versus acceptance — so leadership can make rational investment and risk-acceptance decisions rather than relying on qualitative severity labels
- Set and continuously refine the risk cadence: weekly risk huddles with business functions, monthly risk reviews, and a quarterly Enterprise Risk Committee, connecting day-to-day execution to GSS and Klaviyo-level objectives
- Build the risk intelligence and automation capability — partnering closely with the team's risk intelligence lead, whose remit is risk intelligence and building automations using AI — to surface a continuously updated, quantified view of risk posture drawn from the live security tool estate (vulnerability, endpoint, third-party, data movement, and cyber risk quantification sources)
- Drive the risk scoring programme: integrate third-party risk, application inventory, and cyber risk quantification platforms so that applications and vendors carry a composite, evidence-based risk score that drives tiered, automated decision-making
- Unlock third-party risk automation through a tiered vendor model — fast-tracking low-risk vendors while ensuring high-risk vendors receive deep due diligence, business reviews, and continuous monitoring
- Evaluate and govern risks associated with AI/ML deployments, LLM integrations, and cloud data pipelines, embedding AI risk assessment into the internal and third-party risk programs
- Operate as a second line of defense — providing independent oversight, challenge, and guidance to first-line teams, applying consistent risk taxonomies and reporting standards, and escalating risks that exceed established tolerance
- Act as custodian of the relevant security risk policies and standards, owning the review and update cycle and ensuring each policy connects to a specific risk it reduces
- Partner with Legal and Internal Audit on regulatory horizon scanning and on audit findings affecting systems and processes, tracking findings through to closure
- Maintain authoritative risk materials for GSS leadership, monthly KPI updates, and quarterly Board contributions — accurate, succinct, and decision-ready — translating high-severity findings into clear business impact
- Lead, mentor, and grow the team, developing risk engineers and specialists and building a culture of adversarial thinking, business empathy, and technical rigour
- 10+ years of experience in information security, cybersecurity, technology risk, or operational risk within a large, complex, or high-growth organization, with demonstrable depth of information security expertise and a track record of operating at a senior level
- Proven experience operating in or alongside a second line of defense function within a Three (or Four) Lines of Defense model, able to engage credibly with senior engineers, architects, and security teams while maintaining independence from first-line delivery ownership
- Demonstrated leadership of a risk or security team, with a track record of mentoring and developing people, and the ability to manage conflicting priorities and multiple concurrent initiatives
- Strong command of risk quantification — able to express risk in financial and business terms, not just qualitative severity ratings — and of enterprise risk management beyond cybersecurity alone
- Working knowledge of security frameworks — NIST, ISO 27001, SOC 2, ISO 42001, PCI DSS, CIS Controls — and how they translate into credible control requirements and delivery plans
- Hands-on familiarity with modern risk and security tooling: third-party risk platforms, cyber risk quantification, vulnerability management, endpoint, and data-security telemetry, with a clear point of view on where AI augments versus replaces human judgement
- Experience building and tracking security KPIs and metrics to measure success and drive continuous improvement
- A strong communicator and problem-solver who balances persuasion with active listening, with exceptional stakeholder management skills to engage engineering leaders and executives and translate complex, technical risk into clear business impact
- Experience leading an evolution from a traditional GRC / compliance model toward an automated, engineering-led, or AI-enabled risk capability
- Experience in a regulated or high-trust environment (e.g. SOC 2, ISO 27001, ISO 42001, HIPAA, GDPR) and familiarity with the regulatory expectations affecting technology and cybersecurity risk
- Exposure to AI governance, model risk, or responsible-AI program work
- Familiarity with operational resilience and third-party risk beyond cybersecurity alone
- Experience with Python, SQL, and REST APIs to build automated data ingestion pipelines, query security telemetry, and programmatically orchestrate risk reporting
- Hands-on experience in SecOps, AppSec, or Security Architecture — with a focus on threat modeling, Zero Trust architecture, and data governance
- Experience working with security and risk tooling in cloud infrastructure, hosting, and platform contexts
- Relevant professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), or ISO 27001 Lead Auditor / Lead Implementer
Massachusetts Applicants:
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who v]]>
<
$141.6k - $212.4k
...creators to own their own destiny. Klaviyo is looking for a Senior Security Engineer to add to our growing Detection and Response (D&R) Team.... ...communication skills ~ Team player with a strong, self-managing work ethic We use Covey as part of our hiring and / or...SeniorFull time$120k - $180k
...exciting opportunity within the Security Trust and Risk (STAR) team whose mission is to... ...’re seeking a highly motivated Senior Security Compliance Engineer to serve as a trusted advisor and... ...flow efficiently into risk management workflows Implement and customize...SeniorFull time$25 - $50 per hour
Galaxy - Security Design Engineer (Boston, MA) Since 1984, Galaxy Integrated Technologies has been designing and installing state‑of‑the‑art security systems... ...specifications Perform site surveys and security risk assessments to inform system design recommendations Select...SuggestedHourly payFor contractorsWork at office$148k - $222k
Senior Software Engineer - Infrastructure Security Engineering - Boston, MA Team Overview The Infrastructure Security team makes it simple... ...provider) and understand managed services, networking, and IAM... ...stakeholders aligned on progress, risks, and trade‑offs. Ability to...SeniorRelocation$100k - $150k
...exciting opportunity within the Security Strategy and Governance (... ...GSS team (namely Security Risk and Trust, Security... ...About the role: The Senior Technical Program Manager is an expert-level technical... ...rollouts. You will partner with Engineering, Product, GTS, Legal, and...SeniorFull timeFlexible hours$150k - $220k
Senior Director, Cloud Security & AI Security Salary Range: $150,000.00... ...Security to join our Boston-based team. This role... ...of technology, risk, and business impact... ...Operational Security & Threat Management: Oversee the... .... Collaborate with engineering to remediate findings...SeniorTemporary workFlexible hours- Senior Employment Litigation Associate-Full-Time Location: Boston, MA, 02116 What you will be doing: Drafting and responding to discovery and initial pleadings Drafting... ...Strong writing and analytical skills Ability to manage multiple projects in a fast-paced environment...SeniorFull time
$200k - $210k
...Description The Opportunity: As the Director of Security Risk Engineering, you will serve as a key senior leader working in direct partnership with the CISO... ...to global enterprise operational resilience, managing a highly impactful program that safeguards our...Full timeLocal areaImmediate startShift work$350k - $380k
...opportunity for a Real Estate Associate to join our Boston office and the Seyfarth Real Estate... ...cases in collaboration with senior attorneys. You Have At least six years of... ...and bonus pay. This position is based in Boston, MA 02210 #J-18808-Ljbffr Itlearn360SeniorWork at office- ...Job Description Job Description Description: Rist-Frost-Shumway Engineering, P.C. (RFS), a growing 105+-person consulting engineering firm with offices in Laconia, NH, Boston, MA, and Portland, ME is seeking candidates to join our talented and team-focused staff....SeniorSummer workWork from home
- Senior Data Engineer The Senior Data Engineer is responsible for software development and data engineering... ...data exchange… Software Engineering Manager The Software Engineering Manager will... ...status. Location(s): Madison, WI or Boston, MA (Preferred), Remote/Field #J-18808-...SeniorRemote job
$89.25k - $115k
...About the job Audit Senior Associate- Boston MA Job Summary As an Audit Senior Associate... ...processes, business objectives, and risks, and apply that knowledge to enhance... ...completing financial statement audits while managing the budget; performing an in-charge...SeniorWork at officeRemote workVisa sponsorship$130k - $160k
Senior, Investment Operations | Boston, MA Compensation: $130,000-160,000 A Boston-based alternative asset manager is seeking a senior-level candidate in investment operations to join its high-performing investment operations team. This role offers broad exposure across...Senior$146k - $209k
Senior Scientist, Computational Protein Design Boston, MA USA About Abiologics Abiologics is a Flagship Pioneering company developing Synteins™ — a transformative... ...design, structural biology, and protein engineering. Ideal candidates have deep experience in de novo...Senior$151.2k - $226.8k
Ahold Delhaize USA is hiring a Senior Security Engineering Manager responsible for safeguarding their technology environment through effective security... ...work schedule, requiring 3 in-person days in Quincy, MA. The ideal candidate will have over 10 years of experience...Senior- Cardiovascular Senior Scientist - Metric Bio, Boston, MA Metric Bio has partnered with a client focused on cardiovascular research and drug discovery. We are seeking a forward-thinking, curious, and innovative Cardiovascular Scientist or Senior Scientist to join a pioneering...Senior
$148k - $222k
...The Infrastructure Security team makes it simple and easy for engineers to make secure... ...make an impact As a Senior Software Engineer... ...provider) and understand managed services,... ...aligned on progress, risks, and trade-offs.... ...role is based in Boston, Massachusetts ....SeniorFull timeRelocation$96k - $214.5k
Boston, MA USA About ProFound Therapeutics ProFound Therapeutics is pioneering the discovery of the expanded human proteome... ...disease. The Role We are seeking a highly motivated Senior Machine Learning Engineer / Data Scientist to join our AI/ML team. This individual...Senior- Fund Controller - Boston, MA - Real Estate Private Equity Our team is working with a leading... ...serving as a key partner to portfolio management, capital markets, investor relations,... ...upon sale, servicing existing debt, securing new financing, and paying off existing...Full time
$125k
...is seeking a Portfolio Manager - Commercial Lender to be based in the Boston, MA market. The successful candidate... ...CRE & C&I loans, assist senior officers with larger,... ...while minimizing risk. Solicit commercial clients; actively seek and secure new business through client...- Senior Property Accountant - Boston MA - Mixed Use Real Estate Our team is working with a leading privately held... .... The role will be responsible for managing all aspects of property-level... ...investment cost spreadsheets for marketable securities, swaps, and pension activity. Roll...SeniorFull timeWork at office
- ...financial institution is seeking a Senior Ethical Hacker to evaluate the security of applications and technologies... ...vulnerabilities, advising on risk management, and developing innovative solutions... .... This position is based in Boston, MA with a commitment to an in-office...SeniorWork at office
$140k - $210k
Senior Manager, Mid-Enterprise Partner Sales Boston, MA - At Klaviyo, the partnerships team prides itself on being marketing and product experts, empowering creators to own their destinies. As a Senior Manager, Mid‑Enterprise Partner PMs, you will lead a team of Partner...Senior$130k - $160k
...targeted physicians and key accounts through effective territory management and execution of sales/marketing strategies. Serves as an... ...to increase sales and awareness Territory to include: Boston, South Boston, MA- Providence, RI Minimum Requirements Advanced Lung...SeniorLocal areaRemote work- Software Engineering Manager (Madison, WI or Boston, MA) Job Summary: The Software Engineering Manager will oversee the creation and maintenance of company... ..... Location(s): Madison, WI or Boston, MA (Preferred) Senior Data Engineer (Madison, WI or Boston, MA) Job Summary:...SeniorRemote workFlexible hours
- Senior Fund Accountant | Boston, MA | Private Credit Our team is working with a leading credit fund based in Boston, looking to hire a Senior Fund Accountant... ...expenses and allocations, tracking investment activity, managing shadow accounting records, and analyzing complex...SeniorFull time
- ...Description Bala Consulting Engineers is a 200-person engineering... ...service offices in New York, NY, Boston, MA, Baltimore, MD and... ...development. We are looking for a Senior Mechanical Engineer who... ...commissioning. Experience in the management and execution of multiple...SeniorFull timeContract workWork at officeRemote work
- ...research and development company in Cambridge seeks a Supply Chain Risk Manager to oversee operations and ensure compliance with Department... ...7 years of relevant experience and a Bachelor of Science in Engineering. Benefits include workplace flexibility and engagement...Senior
- Position: Pharmaceutical Domain Senior Business Analyst Location: Boston, MA. Hybrid. Prefer onsite in Boston from... ...testing (UAT), and change management to ensure adoption of new systems... ...Bachelor's degree in computer science, engineering, or related field (Master's...SeniorLocal area
- SENIOR PROGRAM COORDINATOR, Psychological & Brain Sciences We are seeking... ...Affairs. This role will manage admissions activities for the... ...events, and various activities for MA and PhD students. Assist with... ...how to apply for this position . #J-18808-Ljbffr Boston UniversitySeniorFor contractorsLocal area
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Manager - Security Risk Engineering (Boston, MA). Be the first to apply!
- surveillance manager Boston, MA
- director global security Boston, MA
- physical security manager Boston, MA
- director information security Boston, MA
- senior security manager Boston, MA
- corporate security manager Boston, MA
- security operations manager Boston, MA
- security manager Boston, MA
- security engineering manager Boston, MA
- program manager with security clearance Boston, MA



