Demo
Salary Resume Critique Job Openings

Lead Security Risk Engineer

Klaviyo Inc.
San Francisco, CA Full Time
POSTED ON 1/16/2025
AVAILABLE BEFORE 3/28/2025

At Klaviyo, we value the unique backgrounds, experiences and perspectives each Klaviyo (we call ourselves Klaviyos) brings to our workplace each and every day. We believe everyone deserves a fair shot at success and appreciate the experiences each person brings beyond the traditional job requirements. If you’re a close but not exact match with the description, we hope you’ll still consider applying. Want to learn more about life at Klaviyo? Visit careers.klaviyo.com to see how we empower creators to own their own destiny.

Please ensure you read the below overview and requirements for this employment opportunity completely.

Klaviyo is empowering creators to own their destiny. To that end, our Risk & Trust team partners with our fellow Klaviyos to help them securely deliver customer value and foster unwavering trust with our customers. Within Risk & Trust, our Risk function enables Klaviyos to take smart risks while bolstering accountability around timely and effective risk mitigation.

We’re seeking a highly collaborative Lead Security Risk Engineer who will help us continue to evolve our Risk function by using engineering principles and data-driven strategies to precisely identify, understand, communicate, and prioritize mitigation of risk. This role will start out primarily focused on supporting our security metrics program, with a big focus on data engineering and making security metrics easily accessible and highly impactful for stakeholders.

You’ll partner closely with Engineering, IT, Security, Leadership, and basically every other team at Klaviyo to create a holistic view of risk based on high-quality data about our assets, weaknesses, threats, and safeguards (controls). You will help evolve our risk management practices to be transparent, evidence-based, and centered around quantitative risk models. Through all of this, Klaviyo will be in a much better position to sustainably grow and deliver value to our customers.

What you’ll be doing :

  • Build and curate security metrics (KPIs, KRIs, KCIs) that provide actionable, real-time risk insights that answer meaningful business questions
  • Automate and streamline third-party and internal security risk management processes
  • Assist with risk management operations, including risk assessments and risk reviews
  • Identify and assess risks using qualitative and quantitative methods, such as FAIR
  • Co-create security standards and risk plans with InfoSec and partner team subject matter experts
  • Provide mentorship and technical lead support to your fellow team members

We’d love to hear from you if you have :

  • Strong expertise in most of the following security domains : vulnerability risk management, application security, cloud infrastructure security, SaaS security, identity and access management, data security and access governance, platform and product safety
  • Experience building security data products at scale, ideally using SQL and Snowflake, Airflow or Airbyte, and dbt
  • Experience building and operationalizing security metrics with partner teams by using data visualization tools, ideally using Apache Superset
  • Experience writing code to build on and integrate with web application APIs, ideally using Python and REST APIs

    • Everyone on our team must have :

  • A strong bias toward evidence, logic, math, and reason when communicating risk (instead of fear, uncertainty, and doubt)
  • A strong bias toward “guardrails, not gates” and “paved security roads” philosophies (instead of rigid “centralized command-and-control” processes and operating styles)
  • Excellent ability to plan, prioritize, and deliver results cross-functionally and in a timely fashion
  • Proficiency discussing complex, nuanced topics with technical & non-technical audiences alike, especially software engineers

    • Bonus points if you have any of the following :

  • Experience designing, building, or implementing technical security controls in AWS
  • Experience with cyber risk quantification (CRQ) tools and frameworks, such as riskquant and FAIR
  • Experience with threat modeling or secure design reviews
  • Experience in security operations, security engineering, and / or security architecture
  • Experience or knowledge of securing web applications, Kubernetes clusters, and / or containers

    • The pay range for this role is listed below. Sales roles are also eligible for variable compensation and hourly non-exempt roles are eligible for overtime in accordance with applicable law. This role is eligible for benefits, including : medical, dental and vision coverage, health savings accounts, flexible spending accounts, 401(k), flexible paid time off and company-paid holidays and a culture of learning that includes a learning allowance and access to a professional coaching service for all employees.

    Base Pay Range For US Locations :

    160,000 — $240,000 USD

    Get to Know Klaviyo

    We’re Klaviyo (pronounced clay-vee-oh). We empower creators to own their destiny by making first-party data accessible and actionable like never before. We see limitless potential for the technology we’re developing to nurture personalized experiences in ecommerce and beyond. To reach our goals, we need our own crew of remarkable creators—ambitious and collaborative teammates who stay focused on our north star : delighting our customers. If you’re ready to do the best work of your career, where you’ll be welcomed as your whole self from day one and supported with generous benefits, we hope you’ll join us.

    Klaviyo is committed to a policy of equal opportunity and non-discrimination. We do not discriminate on the basis of race, ethnicity, citizenship, national origin, color, religion or religious creed, age, sex (including pregnancy), gender identity, sexual orientation, physical or mental disability, veteran or active military status, marital status, criminal record, genetics, retaliation, sexual harassment or any other characteristic protected by applicable law.

    IMPORTANT NOTICE : Our company takes the security and privacy of job applicants very seriously. We will never ask for payment, bank details, or personal financial information as part of the application process. All our legitimate job postings can be found on our official career site. Please be cautious of job offers that come from non-company email addresses (@klaviyo.com), instant messaging platforms, or unsolicited calls.

    You can find our Job Applicant Privacy Notice here.

    J-18808-Ljbffr

    Salary : $160,000 - $240,000

    If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
    Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

    What is the career path for a Lead Security Risk Engineer?

    Sign up to receive alerts about other jobs on the Lead Security Risk Engineer career path by checking the boxes next to the positions that interest you.
    Income Estimation: 
    $81,561 - $110,340
    Income Estimation: 
    $91,204 - $122,222
    Income Estimation: 
    $139,945 - $168,577
    Income Estimation: 
    $164,835 - $201,088
    Income Estimation: 
    $135,994 - $168,063
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $152,549 - $188,894
    Income Estimation: 
    $194,072 - $240,547
    Income Estimation: 
    $135,994 - $168,063
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $87,093 - $107,335
    Income Estimation: 
    $111,725 - $147,313
    Income Estimation: 
    $112,673 - $137,290
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $112,673 - $137,290
    Income Estimation: 
    $139,945 - $168,577
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Employees: Get a Salary Increase
    View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

    Job openings at Klaviyo Inc.

    Lead Security Risk Analyst
    Klaviyo Inc.
    Hired Organization Address Boston, MA Full Time
    At Klaviyo, we value the unique backgrounds, experiences and perspectives each Klaviyo (we call ourselves Klaviyos) brin...
    Lead Security Risk Analyst
    Klaviyo Inc.
    Hired Organization Address San Francisco, CA Full Time
    We’re seeking a highly motivated Lead Security Risk Partner who will help us continue to evolve our Risk function by usi...
    Account Executive, Mid Market
    Klaviyo Inc.
    Hired Organization Address Salt Lake, UT Full Time
    At Klaviyo, we value the unique backgrounds, experiences and perspectives each Klaviyo (we call ourselves Klaviyos) brin...
    Senior NetSuite Consultant
    Klaviyo Inc.
    Hired Organization Address Denver, CO Full Time
    At Klaviyo, we value the unique backgrounds, experiences and perspectives each Klaviyo (we call ourselves Klaviyos) brin...
    View More Jobs at Klaviyo Inc.

    Not the job you're looking for? Here are some other Lead Security Risk Engineer jobs in the San Francisco, CA area that may be a better fit.

    Lead Security Risk Analyst

    Klaviyo, San Francisco, CA

    Software Engineer III

    Lead Bank, San Francisco, CA

    View More Jobs

    AI Assistant is available now!

    Feel free to start your new journey!