Senior Product Security Engineer

Rippling gives businesses one place to run HR IT and Finance It brings together all of the workforce systems that are normally scattered across a company like payroll expenses benefits and computers For the first time ever you can manage and automate every part of the employee lifecycle in a single system Take onboarding for example With Rippling you can hire a new employee anywhere in the world and set up their payroll corporate card computer benefits and even third-party apps like Slack and Microsoft 365-all within 90 seconds Based in San Francisco CA from the world s top investors-including Kleiner Perkins Founders Fund Sequoia Greenoaks and Bedrock-and was named one of America s best startup employers by Forbes We prioritize candidate safety Please be aware that all official communication will only be sent from addresses About The Role We re looking for a hands-on Senior Security Engineer to play a key role in building Rippling s security program Rippling s product s scope provides a unique set of security challenges but our management is especially supportive of security and compliance as a central function of the business As an early member of Rippling s security team you ll have a meaningful impact on the security program s priorities and direction About the team We are a diverse team of skilled security engineers that are passionate about pushing the boundaries of security practices We look to collaborate with our Engineering partners to find the right solution for our interesting challenges Our team thrives on re-imagining approaches to traditional security to secure our vast ecosystem Our achievements are shared through our blogs and at conferences and meetups A little more about our team Our Infrastructure Security team shared a blog about how they We spoke at BSides SF about Our Product Security lead talked about the Our Security Engineering lead talk about an What You ll Do Develop and maintain a security architecture strategy evaluate security technologies and ensure compliance through design and architecture reviews Provide full SDLC support for new product features developed by engineering and non-engineering teams including threat modeling design reviews manual code reviews and exploit writing Conduct system security and vulnerability analyses provide risk mitigation recommendations and mentor team members in security best practices Build automations or secure paved paths to make it easier for Product Security to scale with the business Qualifications 8 years of experience in an product security role Experience leading architectural changes or complex cross team efforts to mitigate security vulnerabilities Familiar with security frameworks e g NIST SSDF and regulations e g GDPR HIPAA Deep understanding of securing web applications Fluency in Python React and Django Rest Framework Experience with manual source code review and embedding security to code in production environments Experience with deploying application security tools in the CI CD pipeline Experience with securing software development lifecycle including building programs that eliminate full classes of vulnerabilities Bonus Points Good understanding of SSO including OAUTH SAML Experience with speaking at meetups or conferences Experience running a bug bounty program Additional Information Rippling is an equal opportunity employer We are committed to building a diverse and inclusive workforce and do not discriminate based on race religion color national origin ancestry physical disability mental disability medical condition genetic information marital status sex gender gender identity gender expression age sexual orientation veteran or military status or any other legally protected characteristics Rippling is committed to providing reasonable accommodations for candidates with disabilities who need assistance during the hiring process To request a reasonable accommodation please email