About Strava
The social network for athletes to connect and compete
Key Highlights
- 125 million+ athletes using the platform
- Raised $151.4 million in Series F funding
- Partnership with Oura for wearable fitness integration
- Offers both free and premium subscription services
Strava, headquartered in the Mission District of San Francisco, CA, is a leading social network for athletes, boasting over 125 million users who track their running and cycling routes. The company offers both free and premium subscription services, and in 2025, it raised $151.4 million in Series F ...
🎁 Benefits
Strava provides competitive base salaries and stock options, along with 100% company-paid benefits for employees and their families. Employees enjoy f...
🌟 Culture
Strava fosters a vibrant community of athletes by encouraging engagement through weekly team workouts, including for remote employees. The company val...
Security Engineer • Senior
Skills & Technologies
Overview
Strava is hiring a Senior Vulnerability Management Engineer to enhance the security of its platform supporting millions of athletes. You'll manage the full lifecycle of vulnerability management and collaborate across teams to improve security posture. This role requires expertise in vulnerability management and incident response.
Job Description
Who you are
You have a strong background in vulnerability management, with experience in identifying, assessing, and remediating vulnerabilities across various systems. You understand the importance of securing platforms that handle sensitive data and are committed to proactive security practices. Your collaborative nature allows you to work effectively with engineering, IT, and security teams to align technical execution with real-world risk reduction. You are skilled in building automations and processes that enhance security efficiency and reduce manual efforts. You thrive in a hybrid work environment, balancing on-site collaboration with remote flexibility.
Desirable
Experience with security frameworks and tools that support vulnerability management is a plus. Familiarity with cloud security practices and incident response methodologies will further enhance your effectiveness in this role.
What you'll do
In this role, you will own the full lifecycle of vulnerability management, which includes visibility, prioritization, and remediation across Strava's diverse tech stack. You will lead efforts to identify and assess vulnerabilities, ensuring timely and efficient patching and hardening efforts. Your work will have a high-leverage impact on Strava's risk posture, enabling the company to protect its users and their data effectively. You will collaborate closely with cross-functional teams to align security initiatives with business objectives, ensuring that security measures are integrated into the development process. Additionally, you will contribute to continuous security improvement by building scalable automations that streamline vulnerability management processes.
What we offer
Strava provides a flexible hybrid work model, allowing you to spend more than half of your time on-site in our San Francisco office. You will be part of a dedicated security team that is passionate about protecting the platform and its users. Strava values diversity and encourages applicants from all backgrounds to apply, even if they do not meet every requirement. Join us in making a positive impact on the lives of athletes around the world.
Interested in this role?
Apply now or save it for later. Get alerts for similar jobs at Strava.
Similar Jobs You Might Like
Based on your interests and this role
Security Engineer
Celonis is seeking a Senior Vulnerability Management Engineer to safeguard their cloud-native and on-prem infrastructure. You'll execute vulnerability scans and provide actionable intelligence to remediation teams, requiring 5+ years of experience in vulnerability management.
Vulnerability Management Engineer
Cloudflare is hiring a Vulnerability Management Engineer to identify and remediate vulnerabilities across its infrastructure and cloud environments. You'll collaborate with engineering and compliance teams in a hybrid role based in Austin.
Security Engineer
Meta is hiring a Security Engineer specializing in Vulnerability Management to enhance the company's security posture. You'll collaborate with cross-functional teams to identify and prevent vulnerabilities during the development process. This role requires experience in security practices and tools.
Security Engineer
Samsara is hiring a Senior Security Engineer specializing in Vulnerability Management to enhance the security of their operations. You'll work with automation and infrastructure-as-code to protect customer data. This role requires hands-on experience with modern security platforms.
Security Engineer
Zscaler is hiring a Principal Vulnerability Management Engineer to enhance their cloud-native Zero Trust Exchange platform. You'll focus on protecting customers from cyberattacks and data loss, leveraging your expertise in cybersecurity and vulnerability management.