Manager, Security Trust & Compliance
Listed on 2025-11-20
IT/Tech
Cybersecurity, IT Consultant, Data Security, Information Security
Job Description
Manager, Security Trust & Compliance at Klaviyo.
At Klaviyo, we are on a mission to empower creators to own their destiny. Our AI‑first B2C CRM platform serves 176,000+ brands in 80+ countries, and we are looking for a highly motivated manager to lead our Security Trust & Compliance team. The team drives compliance operations & audits, continuous control monitoring, security policies & standards, security education & awareness, customer trust operations, identity governance, and privacy operations in partnership with Legal.
Responsibilities
- Lead, support, and develop the Trust team, fostering professional growth and cross‑functional partnerships.
- Partner with STAR leadership to plan, oversee, and drive execution of projects and operations, ensuring timely delivery of high‑quality outcomes.
- Define a compelling vision and strategy for Trust programs, continuously improving governance, culture, compliance, and trust.
- Seek out and prioritize high‑value opportunities for AI and automation to streamline processes and eliminate toil.
- Drive cross‑functional alignment between the CISO organization and partner teams to align Trust priorities with company OKRs.
- Experience leading, developing, and managing teams of individual contributors with a focus on diversity and belonging.
- Broad knowledge of cloud‑native web application architectures and security best practices, especially in AWS, Kubernetes, and AI contexts.
- Experience implementing Compliance Automation products (e.g., Drata, Vanta, Anecdotes, Hyperproof).
- Experience executing/leading compliance programs for SOC 2, ISO 27001, ISO 27017, ISO 27018, PCI, HIPAA, GDPR, CCPA, and NIS 2.
- Experience executing/leading core governance and trust programs such as continuous control monitoring, security policies & standards, security education & awareness, and customer trust operations.
- Experience applying GRC engineering principles, automation, system design, and threat‑informed GRC.
- Strong bias toward evidence, logic, math, and reason in risk communication.
- Advocate for “guardrails, not gates” and “paved security roads” philosophies.
- Excellent ability to plan, prioritize, and deliver results cross‑functionally and on schedule.
- Proficiency discussing complex, nuanced topics with technical and non‑technical audiences.
- Alignment with Klaviyo’s core values.
- Experience with SQL, building tools with REST APIs, and Python.
- Experience implementing Identity Governance tools and processes such as UARs and JITA.
- Experience in security operations, security engineering, and/or security architecture roles.
Klaviyo is committed to a policy of equal opportunity and non‑discrimination. We do not discriminate on the basis of race, ethnicity, citizenship, national origin, color, religion or religious creed, age, sex (including pregnancy), gender identity, sexual orientation, physical or mental disability, veteran or active military status, marital status, criminal record, genetics, retaliation, sexual harassment or any other characteristic protected by applicable law.
Massachusetts Applicants
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.