Senior Manager, Customer Trust

About the Role

Abnormal Security is seeking a Senior Manager, Customer Trust to lead and scale our Customer Trust function. Reporting to the Director of GRC, you will own the strategy and operations that enable our customers and prospects to understand and trust Abnormal's security, privacy, and compliance posture.

This is a player-coach leadership role. You'll lead a team of 4-5 Customer Trust professionals while personally engaging with strategic customers, driving questionnaire and RFP responses, and owning our Trust Center. The ideal candidate brings deep experience in customer-facing security assurance roles, thrives in fast-paced SaaS environments, and has the executive presence to represent Abnormal's security program to CISOs and security teams at the world's largest enterprises.

If you're energized by building trust at scale, leading high-performing teams, and being the voice of security to customers—this role is for you.

What You Will Do

Customer Trust Program Leadership

• Lead and develop a team of 4-5 Customer Trust professionals; establish team goals, operating cadence, and career development paths.
• Own the end-to-end Customer Trust program strategy, roadmap, and KPIs; report on program effectiveness to GRC Director, CISO, and executive leadership.
• Serve as the escalation point and subject matter expert for complex customer security, privacy, and compliance inquiries.

Customer & Prospect Engagement

• Own and drive all customer and prospect security questionnaires and RFP responses; ensure timely, accurate, and high-quality deliverables.
• Serve as the primary point of contact for customer security conversations—join calls, present Abnormal's control environment, and address customer concerns with confidence and credibility.
• Partner with Sales and Customer Success to support strategic deals and customer renewals requiring security assurance.

Trust Center & Content Ownership

• Own the Trust Center (SafeBase or equivalent)—manage configuration, content, access, and continuous improvement.
• Curate and maintain all customer-facing security documentation including pen-test reports, SOC 2 reports, ISO certifications, policies, and whitepapers.
• Analyze customer demand signals to proactively develop new content (whitepapers, FAQs, one-pagers) that anticipates customer needs and reduces inbound volume.

Contract & Legal Support

• Review Security Contract Exhibits, Data Processing Agreements (DPAs), and privacy addenda; provide timely, informed feedback to Legal and customers.
• Partner with Legal to standardize security and privacy contract language and streamline negotiation workflows.

Cross-Functional Collaboration

• Build strong partnerships with Sales, Legal, Product Security, Compliance, and Engineering to ensure cohesive messaging and efficient processes.
• Stay current on regulatory developments (GDPR, CCPA, industry frameworks) and translate implications for customer-facing communications.

Must Haves

• 8+ years of experience in customer trust, security assurance, GRC, or related disciplines with progressive responsibility.
• 3+ years of people management experience leading customer-facing security or compliance teams.
• Demonstrated experience owning customer security questionnaires, RFPs, and trust center operations at a SaaS or technology company.
• Track record of directly engaging with customers (including executive-level security stakeholders) on security, privacy, and compliance topics.
• Strong understanding of common security frameworks and certifications (SOC 2, ISO 27001, ISO 27701, FedRAMP, GDPR, CCPA).
• Experience reviewing and negotiating security contract terms, DPAs, and privacy exhibits.
• Excellent communication skills—able to translate complex security concepts for technical and non-technical audiences, both written and verbal.
• Strong project management skills with ability to manage multiple priorities in a fast-paced environment.
• Executive presence and credibility to represent the company's security posture to enterprise customers.

Nice to Haves

• Experience at a cybersecurity company or high-growth B2B SaaS company.
• Familiarity with Trust Center platforms (SafeBase, Whistic, Conveyor, etc.) and GRC tools (Vanta, Drata, OneTrust, ServiceNow GRC).
• Professional certifications such as CIPP, CIPM, CISA, CISM, CISSP, CTPRP, or ISO 27001 Lead Auditor.
• Experience supporting FedRAMP authorization or working with federal/public sector customers.
• Background in security, compliance, or risk consulting (Big 4 or similar).
• Degree in information security, computer science, business, or related field.