Security Supply Chain Manager at Webflow

This role is ideal for a senior security professional with at least 7 years of experience who specializes in Third-Party Risk Management (TPRM) and supply chain security. You should have a strong grasp of industry frameworks like SOC2, ISO 27001, and NIST, but more importantly, you possess the technical depth to translate complex findings—like penetration test results and AI-related risks—into actionable business strategies. The compensation is highly competitive, reaching up to $262k USD (or $298k CAD) plus equity and bonuses. As a remote-first position, it offers excellent flexibility and high-tier benefits, including a sabbatical program and a $6,000 401(k) match. You’ll have the autonomy to move the program beyond "checkbox compliance" by building automation and proactive threat monitoring from the ground up. **You might be a good fit if you:** * Have a proven track record of scaling vendor risk programs in fast-paced, remote-first SaaS environments. * Are comfortable assessing the security implications of AI technologies and complex software supply chains. * Prefer building automated, data-driven workflows over manual spreadsheet-based assessments. * Can influence cross-functional partners in Legal, Procurement, and IT to prioritize security outcomes.