Senior Manager - Security Risk Engineering

At Klaviyo, we value the unique backgrounds, experiences and perspectives each Klaviyo (we call ourselves Klaviyos) brings to our workplace each and every day. We believe everyone deserves a fair shot at success and appreciate the experiences each person brings beyond the traditional job requirements. If you’re a close but not exact match with the description, we hope you’ll still consider applying. Want to learn more about life at Klaviyo? Visit klaviyo.com/careers to see how we empower creators to own their own destiny. About the team: An exciting opportunity within the Security Trust and Risk (STAR) team whose mission is to ensure the safety and security of our customers, partners and Klaviyos as well as deliver best in class technology solutions, infrastructure and services. This is achieved by providing a robust and secure technology foundation to do great work. We solve problems using technology, embrace automation and AI, and support Klaviyo's continued scalability and sustainable employee growth in a rapidly evolving environment. The STAR team assists the Global Security Services (GSS) organization in developing and refining information security policies, standards and strategy, enterprise risk management, creating metrics and reporting, coordinating cross-functional projects, and strategically aligning global information security initiatives with the broader CISO vision amongst other governance, risk and compliance efforts. The STAR team is highly collaborative and cross-functional, working closely with various functions within the GSS team (namely Security Product and Development and Security Intelligence Operations), Global Technology Solutions (GTS) team and the broader Klaviyo organization. About the role: The Senior Manager, Security Risk Engineering is a senior information security and risk leader responsible for evolving risk management at Klaviyo from a traditional, cyber-centric, compliance-driven model into a real-time, business-aligned, engineering-led risk intelligence capability. Reporting into the Director of Security Trust and Risk, you will lead the Security Risk Engineering team as a second line of defense — owning technology risk management, third-party risk, risk quantification, and the risk intelligence and automation capability that turns disparate security signals into a single, decision-enabling view of risk. You will operate as a credible, hands-on risk authority who can challenge and partner with engineering and security teams while maintaining independence from first-line delivery. You will build a team that thinks like risk engineers rather than traditional analysts — automating repeatable assessment, instrumenting controls, and applying AI as foundational infrastructure. You will partner with Engineering, Product, GTS, Legal, Audit, Finance, and the wider GSS organization to make risk legible across the business and to move Klaviyo's risk posture measurably forward. ​​How you’ll have an impact: • Lead the transition of risk management from a cyber-centric model to an enterprise-wide framework — expanding scope beyond cybersecurity to operational, financial, regulatory, and third-party risk, with integrated remediation tracking and clear ownership of outcomes • Own the risk register and taxonomy, establishing a consistent standard (threat actor, technique, scenario, safeguard, loss event, quantification) so that aggre

Get roles like this the moment they post.