This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description This role plays a critical part in supporting cybersecurity policy and oversight services. You will provide leadership and operational management to ensure the effective delivery of cybersecurity services across various programs. Collaborating closely with government leadership, you will oversee compliance with cybersecurity policies while ensuring that project outcomes align with strategic objectives. Your expertise will guide teams toward successful execution and adherence to critical schedules and deliverables. - Serve as the project manager for overall execution and delivery of cybersecurity requirements. - Coordinate with government leadership and stakeholders to facilitate effective communication. - Develop and maintain project management plans for the contract lifecycle. - Ensure alignment of cybersecurity support services across various systems and organizations. - Support governance initiatives related to Risk Management Framework (RMF) implementation. Qualifications - Current Project Management Professional (PMP) certification. - 6+ years of general Information Technology experience. - 6+ years of cybersecurity experience in enterprise IT or cybersecurity programs. - Strong knowledge of RMF processes and cybersecurity governance. - Ability to manage multidisciplinary cybersecurity teams in complex environments. Benefits - Multiple healthcare coverage options including low and high deductible plans. - Dental, vision, accident & illness coverage. - 401(k) plan with a 6% match and profit sharing. - 100% Employee Stock Ownership Plan (ESOP) for eligible employees. - Short- and long-term disability coverage.

• The SME performs and supports the DoD cybersecurity authorization process, either as the system authorizing expert or as a subject matter expert for systems undergoing authorization. • The SME evaluates vulnerabilities and determines the appropriate severity value for identified security control deficiencies. • The SME assesses potential impacts on system authorization status and provides recommendations for remediation. • The role involves briefing senior leadership on the progress, risks, and outcomes of systems undergoing the Risk Management Framework (RMF) authorization process.

• Configure and maintain Workday security roles, groups, and access policies • Process user access requests and manage role assignments based on job functions • Maintain documentation of security architecture and access models • Conduct regular audits to ensure least-privilege access and segregation of duties • Troubleshoot security access issues and Workday security-related incidents • Create and maintain documentation on Workday security configurations

Later is the world’s most intelligent influencer marketing company, built to give brands the confidence to create unforgettable campaigns. By combining real creator relationships, trusted intelligence, and expert guidance, Later removes fear and guesswork from one of marketing’s most visible investments. Built on a native, AI-powered platform and more than a decade of proprietary data—including billions of social interactions, impressions, and $2.4B+ in verified influencer-driven purchases—Later helps teams understand what will work before they launch. By combining trusted insight with expert guidance, Later removes guesswork from influencer marketing, enabling brands to choose the right creators, execute fully managed campaigns, and drive meaningful growth across awareness, engagement, and revenue. Trusted by leading enterprise brands including Nike, Wayfair, Unilever, and Southwest Airlines, Later bridges creativity and performance so campaigns don’t just look good—they deliver results. Learn more at later.com. About this position: As a Senior Security Engineer at Later, you will play a critical role in strengthening and scaling the security foundations that power our platform. This role blends deep security expertise with hands-on engineering, with a particular focus on identity and access management, authentication systems, and secure-by-design development practices. You’ll partner closely with Engineering, Infrastructure, and Product teams to embed security into our CI/CD pipelines, internal platforms, and customer-facing systems—enabling teams to move quickly while keeping our systems, data, and users safe. This is a high-impact individual contributor role for someone who thinks like a defender, builds like a software engineer, and leads through influence. What you'll be doing: Strategy - Assess and continuously improve Later’s security posture across applications, infrastructure, and development workflows - Define and implement scalable security standards, guardrails, and best practices that support compliance through automated and auditable solutions - Partner with Engineering and Product leadership to align security priorities with business objectives and delivery timelines - emerging risks and proactively design systems and processes that reduce long-term exposure Technical/ Execution - Own identity and access management across Later’s platform, including authentication, authorization, and secure machine-to-machine (M2M) processes - Design, implement, and maintain secure authentication systems for both internal tools and customer-facing experiences - Harden login systems, establish consistent authentication patterns across services, and ensure secure integration between tools - Build and maintain internal security tooling to support secure development, operational visibility, and compliance workflows - Embed security controls into CI/CD pipelines, including SAST, DAST, SCA, container scanning, secret management, and secure build/deploy practices - Partner with engineering teams to identify vulnerabilities, clearly communicate risk and impact, and drive effective remediation Team / Collaboration - Provide pragmatic, solution-oriented security guidance during system design and architecture reviews - Collaborate cross-functionally to embed security into development workflows without slowing delivery - Translate complex security concepts into clear, actionable recommendations for both technical and non-technical stakeholders - Act as a trusted partner to engineering teams, balancing risk mitigation with business enablement Leadership - Lead by influence—raising the security bar through standards, tooling, and mentorship - Set a high standard for secure engineering practices and help others level up their security mindset - Model accountability, ownership, and transparency in security decisions Research/Best Practices - Stay current on application security, cloud security, and identity best practices - Apply industry frameworks (e.g., OWASP, NIST, CIS Controls) pragmatically within production environments - Continuously evaluate and improve identity architecture and security automation to scale with the business Nice to have: - Experience designing or migrating identity architecture at scale - Experience building internal developer security tooling - Experience working in a high-growth technology environment What success looks like: - Identity and access management is secure, scalable, and consistently implemented across the platform - Security controls are embedded into CI/CD pipelines, reducing manual effort and improving detection and prevention - Engineering teams proactively consider security in their designs and view security as an enabler—not a blocker - Vulnerabilities are identified early, clearly prioritized, and remediated efficiently - Compliance frameworks (e.g., SOC 2, ISO 27001) are supported through automation and well-defined processes - Later’s overall security posture measurably improves while maintaining speed of product delivery What you bring: - 5–7+ years of experience as a Security Engineer or Software Engineer with a strong security focus - Proven experience building and operating production-grade software, systems, or internal tooling - Strong background in application security, infrastructure security, and secure CI/CD practices - Hands-on experience with identity and access management, including authentication systems, authorization frameworks, and machine-to-machine security patterns - Experience applying security frameworks such as OWASP, NIST, or CIS Controls in real-world production environments - Familiarity with cloud security tooling (AWS Security Hub, Azure Security Center, or GCP Security Command Center), SIEM/SOAR tools, and Infrastructure-as-Code security scanning (Terraform, CloudFormation) - Experience supporting compliance frameworks such as SOC 2 and ISO 27001 - Familiarity with modern backend systems (including C#) and cloud-native architectures - Demonstrated ability to collaborate cross-functionally and influence engineering teams to improve security outcomes - Strong communication skills with the ability to translate complex security concepts into clear, actionable guidance How you work: - Driven by Impact: You deliver results that matter—prioritizing high-value work, meeting deadlines, and adapting quickly while keeping outcomes clear. - Strategic & Customer-Centric: You anticipate risks and opportunities, connect decisions to long-term growth, and build trust through proactive insights. - Curious & Growth-Oriented: You seek knowledge, ask sharp questions, and apply learnings fast—challenging the status quo with a mindset of improvement. - Collaborative & Resilient: You thrive in change by staying resourceful, solution-focused, and positive—removing roadblocks, sharing insights, and keeping morale high. - Accountable & Honest: You own your work, hold yourself and others to a high bar, and use transparent feedback to drive growth. - Emotionally Intelligent: You build trust through empathy and collaboration, foster inclusion, and inspire others with grit, optimism, and integrity. Our approach to compensation: We take a market-based & data-driven approach to compensation. We leverage data from trusted third-party compensation sources to help us understand the market value of a role based on function, level, geographic location, and scope. We evaluate compensation bi-annually, including performance and market-related factors. Our salaries are benchmarked against market Total Cash Compensation for the geographic location of our job posting. Compensation for some roles is structured as On Target Earnings (OTE = base + commission/variable) while for others it is structured as Salary only. To comply with local legislation and ensure transparency, we share salary ranges on all job postings. Skills, experience and other factors help determine the final salary we offer which may vary from the original range posted. Additionally, all permanent team members are eligible to participate in various benefits plans as part of their overall compensation package. Salary Range: $ 145,000 - 175,000 #LI-Remote Where we work: We have offices in Boston, MA; Vancouver, BC; Chicago, IL; and Vancouver, WA. For select positions, we are open to hiring fully remote candidates. We post our positions in the location(s) where we are open to having the successful candidate be located. Diversity, inclusion, and accessibility: At Later, we are committed to fostering a culture rooted in an inclusion-first mindset at every level of the company, embracing the importance of hiring and building teams for culture add rather than culture fit. We openly build and maintain unbiased hiring, pay, and promotion practices to create a foundation for an equitable workplace, paving the way for systemic change. We are committed to creating a diverse environment and are proud to be an equal opportunity employer. All applications will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, national origin, disability, or age. Please let us know if you require any accommodations or support during the recruitment process.