Senior Manager, Cyber Security (SaaS)

Location: Hybrid- Employees may be required to work out of the nearest office location for quarterly meetings 1-4 times annually. 

Aravo Solutions, Inc., provides leading third-party risk management (TPRM), ESG, and vendor lifecycle management solutions powered by intelligent automation software and designed to meet the needs of TPRM teams at Global 2000 enterprises.

At Aravo, we believe that in an increasingly interconnected world, managing risk is a critical pillar of global resilience. Traditional, manual approaches to TPRM can no longer keep pace with today’s scale and speed of disruption. That’s why we have pioneered an Intelligence-First™ approach.

Trusted by millions of third-party users in 195+ countries, Aravo provides guidance for the most complex third-party networks in the world, helping them mitigate risk, build business resilience, and protect their reputations. We are fundamentally redesigning how organizations see, understand, and act on risk by embedding AI directly into the core of their workflows.

Joining Aravo means working at the forefront of AI in TPRM and collaborating with a team that views AI as a partner, not a replacement. You will have the opportunity to work alongside industry experts, leverage the latest technologies, and contribute to shaping the future of third-party risk management!

Position Overview:

We are seeking a Senior Manager, Cyber Security to join our dynamic team. The ideal candidate will build and lead our security program. This role will own the security roadmap and drive execution across Product Engineering, IT, and GRC; serving as subject matter expert on security standards and primary contact for customers and partners. This is a hands-on leadership role blending technical depth with strategic leadership, ensuring our systems, tools, and processes scale efficiently to meet business outcomes.

Key Responsibilities:

• Define and execute Aravo’s security roadmap, aligning priorities with business goals and communicating progress through scorecards, dashboards, and KPIs
• Lead vulnerability management programs across product and infrastructure, ensuring effective triage, prioritization, and remediation
• Partner with Product Engineering to implement and maintain secure development practices, including code review and SDLC controls
• Establish and enforce company-wide security policies and standards in collaboration with Corporate IT
• Own and continuously improve Aravo’s cloud security posture in alignment with industry best practices and compliance frameworks
• Drive FedRAMP readiness and authorization efforts, coordinating cross-functional execution
• Evolve and scale our compliance programs (e.g., SOC2) to meet changing business and regulatory needs
• Translate technical risk into strategic goals that drive informed decisions and measurable business outcomes across Engineering, Leadership, and Customers
• Maintain an accurate and actionable risk register, ensuring findings are tracked to closure
• Build relationships across the company to drive cross-functional security execution
• Own security incident response planning and execution
• Lead and mentor security team members, fostering a culture of growth and continuous learning

Requirements

Qualifications:

• 8-12 years of progressive security experience, with 3-5 years in a leadership role
• Expertise in building vulnerability management programs in SaaS environments, including tool selection, risk-based prioritization, and tracking remediation to closure
• Demonstrated ability to design and implement secure infrastructure across managed hosting, hybrid, and cloud environments
• Track record of managing compliance programs and implementing security frameworks (e.g., SOC2, NIST 800-53), including control design, implementation, and continuous compliance monitoring
• Strong background in developing and maintaining a risk register and translating technical risks into business language
• Hands-on experience with FedRAMP compliance programs, including control implementation, documentation, and authorization processes
• Proficiency in designing security metrics, dashboards, and KPIs that align with business outcomes
• Experience in designing and leading security incident response programs

Preferred Qualifications/Skills/Soft Skills: (Optional)

• Relevant security certifications:

   Certified Information Systems Security Professional (CISSP)

   Certified Information Security Manager (CISM)

AWS Security Specialty (SCS-C02)

• FedRAMP Moderate or High authorization experience, including Third-Party Assessment Organization (3PAO)
• Experience designing and implementing Zero Trust architecture frameworks
• Background in securing containerized workloads and cloud-native services

Why Join Us:

At Aravo Solutions, Inc., we offer a dynamic and inclusive work environment where employees are encouraged to innovate, grow, and make a meaningful impact. We provide competitive compensation and benefits packages, opportunities for professional development, and the chance to work alongside industry experts on cutting-edge projects.

Benefits

Benefits:

At Aravo Solutions, Inc., we offer a dynamic and inclusive work environment where employees are encouraged to innovate, grow, and make a meaningful impact. We provide competitive compensation and benefits packages, opportunities for professional development, and the chance to work alongside industry experts on cutting-edge projects.