At Webflow, we’re building the world’s leading AI-native Digital Experience Platform, and we’re doing it as a remote-first company built on trust, transparency, and a whole lot of creativity. This work takes grit, because we move fast, without ever sacrificing craft or quality. Our mission is to bring development superpowers to everyone. From entrepreneurs launching their first idea to global enterprises scaling their digital presence, we empower teams to design, launch, and optimize for the web without barriers. We believe the future of the web, and work, is more open, more creative, and more equitable. And we’re here to build it together.

We’re looking for a Supply Chain Manager to help us build and scale a world-class Security Vendor Risk Management program that enables Webflow to move fast with confidence. You’ll transform third-party risk management from a reactive compliance function into a proactive, data-informed capability—leveraging automation, actionable metrics, and cross-functional partnership to anticipate emerging threats before they impact the business.

You will ensure that as Webflow grows, innovates, and integrates new technologies—including AI—our external ecosystem remains secure, resilient, and aligned with the high bar of quality, craft, and customer trust that defines our brand.

About the role:

• Location: Remote-first (United States; BC & ON, Canada)
• Part-Time
• Permanent
• Exempt
• The cash compensation for this role is tailored to align with the cost of labor in different geographic markets. We've structured the base pay ranges for this role into zones for our geographic markets, and the specific base pay within the range will be determined by the candidate’s geographic location, job-related experience, knowledge, qualifications, and skills.
  • United States (all figures cited below are in USD and pertain to workers in the United States)
    • Zone A: $172,000 - $262,000
    • Zone B: $161,000 - $247,000
    • Zone C: $151,000 - $231,000
  • Canada (figures cited below are in CAD and pertain to workers in ON & BC, Canada)
    • $195,000 - $298,000

This role is also eligible to participate in Webflow's company-wide bonus program. Target amounts are a percentage of base salary and vary by career level. Payouts are based on company performance against established financial and operational goals.

Reporting to the Senior Manager, Security Compliance

As a Security Supply Chain Manager, you’ll …

• Own and lead the end-to-end Security Supply Chain Risk Management program, including strategy, governance, tooling, and continuous improvement across third-party, software, and vendor ecosystems.
• Perform detailed third-party security risk assessments aligned with industry frameworks (e.g. SOC, ISO 27001, NIST), evaluating control effectiveness, data handling practices, and supply chain security risks.
• Drive cross-functional alignment across Security, IT, Legal, and Procurement serving as the subject matter expert on external supply chain risk and ensuring comprehensive risk visibility and coverage.
• Train and educate employees on supply chain security best practices and ensure awareness throughout the organization
• Establish automation, metrics, and threat monitoring capabilities to proactively identify emerging supply chain risks, quantify exposure, and continuously strengthen the organization’s third-party and software security posture.
• Contribute to the development and maintenance of security vendor risk management policies and procedures

About you:

Requirements:

• BA/BS degree or equivalent experience
• 7+ experience in Security Supply Chain, Vendor Risk Manager, Vendor Due Diligence or relevant work experience.
• Knowledgeable in security supply chain fundamentals, including common frameworks & privacy regulations

You’ll thrive as a Security Supply Chain Manager if you:

• Think beyond individual assessments to design, scale, and mature a full supply chain security program, aligning security strategy with business objectives and global risk exposure.
• Established Vendor Risk Management programs that truly orient on risk based outcomes, not just boiler plate workflow
• Able to interpret complex technical findings (architecture reviews, software risks, penetration testing results, threat intelligence) and translate them into quantified business risk and prioritized action plans.
• Anticipates emerging supply chain threats, geopolitical risks, and industry trends, implementing preventative controls and automation before risks materially impact the organization.
• Regularly refines assessment methodologies, metrics (KPIs/KRIs), and monitoring practices to mature the Security Supply Chain Risk Management program over time.
• Build with an AI first focus to reduce friction and increase velocity to enable the business
• Stay curious and open to growth — actively building fluency in emerging technologies like AI to unlock creativity, accelerate progress, and amplify impact.

Our Core Behaviors:

• Build lasting customer trust. We build trust by taking action that puts customer trust first.
• Win together. We play to win, and we win as one team. Success at Webflow isn't a solo act.
• Reinvent ourselves. We don't just improve what exists, we imagine what's possible.
• Deliver with speed, quality, and craft. We move fast because the moment demands it, and we do so without lowering the bar.

Benefits

• Ownership in what you help build. Every permanent Webflower receives equity (RSUs) in our growing, privately held company.
• Health coverage that actually covers you. Comprehensive medical, dental, and vision plans for full-time employees and their dependents, with Webflow covering most premiums.
• Support for every stage of family life. 12 weeks of paid parental leave for all parents and 6+ weeks of additional paid leave for birthing parents. Plus inclusive care for family planning, menopause, and midlife transitions.
• Time off that’s actually off. Flexible vacation, paid holidays, and a sabbatical program to help you recharge and come back inspired.
• Wellness for the whole you. Access to mental health resources, therapy and coaching.
• Invest in your future. A 401(k) with 100% employer match (up to $6,000/year) in the U.S., and support for retirement savings globally.
• Monthly stipends that flex with your life. Localized support for work and wellness expenses — from Wi-Fi to workouts.
• Bonus for building together. All full-time, permanent, non-commission employees are eligible for our annual WIN bonus program.