Staff Product Security Engineer

6 months ago


Bengaluru, India Rippling Full time
About Rippling

Rippling is the first way for businesses to manage all of their HR & IT—payroll, benefits, computers, apps, and more—in one unified workforce platform.
By connecting every business system to one source of truth for employee data, businesses can automate all of the manual work they normally need to do to make employee changes. Take onboarding, for example. With Rippling, you can just click a button and set up a new employees’ payroll, health insurance, work computer, and third-party apps—like Slack, Zoom, and Office 365—all within 90 seconds.
Based in San Francisco, CA, Rippling has raised $1.2B from the world’s top investors—including Kleiner Perkins, Founders Fund, Sequoia, Greenoaks, and Bedrock—and was named one of America's best startup employers by Forbes.
We prioritize candidate safety. Please be aware that all official communication will only be sent from @ Rippling.com addresses.
About The Role

We're looking for a hands-on staff security engineer to play a key role in building Rippling's security program. Rippling's product’s scope provides a unique set of security challenges, but our management is especially supportive of security and compliance as a central function of the business. As an early member of Rippling's security team, you'll have a meaningful impact on the security program’s priorities and direction.

About the team

We are a diverse team of skilled security engineers that are passionate about pushing the boundaries of  security practices. We look to collaborate with our Engineering partners to find the right solution for our interesting challenges. Our team thrives on re-imagining approaches to traditional security to secure our vast ecosystem.


Our achievements are shared through our blogs and at conferences and meetups. 


A little more about our team:

  • Our Infrastructure Security team shared a blog about how they  streamlined AWS access  

  • We spoke at BSides SF about  attacking and defending infrastructure with terraform

  • Our Product Security lead talked about the  Future Application Security Engineers

  • Our Security Engineering lead talk about an  innovative way to reduce vulnerabilities in your organization  

What You'll Do
  • Build security tooling and automations to help scale the Product Security team’s practices 

  • Threat-model application designs and solutions and provide security assessments.

  • Audit source code and perform code review for critical application changes

  • Mentor software engineering teams in security best practices

  • Provide hands-on remediation guidance to development teams

  • Review & establish software development practices that make security an essential part of the development process

  • Develop / Integrate security into the Software Development Life Cycle

Qualifications
  • 8+ years of experience in an product security role

  • Experience leading architectural changes or complex cross team efforts to mitigate security vulnerabilities

  • Deep understanding of securing web applications

  • Fluency in Python, React, and Django Rest Framework

  • Experience with manual source code review, and embedding security to code in production environments.

  • Experience with deploying application security tools in the CI/CD pipeline

  • Experience with securing software development lifecycle including building programs that eliminate full classes of vulnerabilities

Bonus Points
  • Good understanding of SSO, including OAUTH, SAML
  • Experience with speaking at meetups or conferences
  • Experience running a bug bounty program

Additional Information
Rippling is an equal opportunity employer. We are committed to building a diverse and inclusive workforce and do not discriminate based on race, religion, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, veteran or military status, or any other legally protected characteristics, Rippling is committed to providing reasonable accommodations for candidates with disabilities who need assistance during the hiring process. To request a reasonable accommodation, please email   accomodations@rippling.com


  • Bengaluru, India Guidewire Full time

    Responsibilities:Proactively partner with teams across the organization (infrastructure, application engineering, data analytics, etc.) to define, promote and implement security best practices that improve the security posture of our infrastructure. Working closely with business units, product teams, DevOps engineers and/or SRE's to embed security...


  • Bengaluru, India Ambient Security Full time

    Ambient Security is an exciting new startup, looking to reduce the risk of privileged account takeovers and cyber attacks for large enterprises. The founder and CEO is a 7x cyber security entrepreneur with a track record of successful exits.Ws seeking software engineers at all levels to lead the design and implementation of innovative technologies. We are...


  • Bengaluru, India Ambient Security Full time

    Ambient Security is an exciting new startup, looking to reduce the risk of privileged account takeovers and cyber attacks for large enterprises. The founder and CEO is a 7x cyber security entrepreneur with a track record of successful exits.Ws seeking software engineers at all levels to lead the design and implementation of innovative technologies. We are...


  • Bengaluru, India Ambient Security Full time

    Ambient Security is an exciting new startup, looking to reduce the risk of privileged account takeovers and cyber attacks for large enterprises. The founder and CEO is a 7x cyber security entrepreneur with a track record of successful exits.Ws seeking software engineers at all levels to lead the design and implementation of innovative technologies. We are...


  • Bengaluru, India Ambient Security Full time

    Ambient Security is an exciting new startup, looking to reduce the risk of privileged account takeovers and cyber attacks for large enterprises. The founder and CEO is a 7x cyber security entrepreneur with a track record of successful exits.Ws seeking software engineers at all levels to lead the design and implementation of innovative technologies. We are...


  • Bengaluru, India Ambient Security Full time

    Ambient Security is an exciting new startup, looking to reduce the risk of privileged account takeovers and cyber attacks for large enterprises. The founder and CEO is a 7x cyber security entrepreneur with a track record of successful exits. Ws seeking software engineers at all levels to lead the design and implementation of innovative technologies. We are...


  • Bengaluru, Karnataka, India Menlo Security Full time

    Menlo Security's mission is enabling the world to connect, communicate and collaborate securely without compromise. COVID-19 has made our mission all the more real. We support customers across various enterprises including Fortune 500 companies, 9/10 of the largest global banks and the Department of Defense. Menlo is well-funded for growth and our investors...


  • Bengaluru, Karnataka, India GE HEALTHCARE Full time

    **Job Description Summary**: Responsible for hunting, detecting and responding to digital security threats. Demonstrates technical leadership abilities and strong comprehension of malware, emerging threats and calculating risk. GE HealthCare is a leading global medical technology and digital solutions innovator. Our purpose is to create a world where...


  • Bengaluru, India LinkedIn Full time

    Linked In is the world’s largest professional network, built to create economic opportunity for every member of the global workforce. Our products help people make powerful connections, discover exciting opportunities, build necessary skills, and gain valuable insights every day. We’re also committed to providing transformational opportunities for our...


  • Bengaluru, India ALTERYX Full time

    We’re looking for problem solvers, innovators, and dreamers who are searching for anything but business as usual. Like us, you’re a high performer who’s an expert at your craft, constantly challenging the status quo. You value inclusivity and want to join a culture that empowers you to show up as your authentic self. You know that success hinges on...


  • Bengaluru, India RSA Security Full time

    RSA - Application Security Engineer (Location: Hybrid/ Remote India) RSA offers mission-driven security solutions that provide organizations with a unified approach to managing digital risk that hinges on integrated visibility, automated insights and coordinated actions. RSA solutions are designed to effectively detect and respond to advanced...


  • Bengaluru, India Enphase Full time

    Enphase Energy is a global energy technology company and leading provider of solar, battery, and electric vehicle charging products. Founded in 2006, Enphase transformed the solar industry with our revolutionary microinverter technology, which turns sunlight into a safe, reliable, resilient, and scalable source of energy to power our lives. Today, the...


  • Bengaluru, India Ambient Security Full time

    Ambient Security is an exciting new startup, looking to reduce the risk of privileged account takeovers and cyber attacks for large enterprises. The founder and CEO is a 7x cyber security entrepreneur with a track record of successful exits.Ws seeking software engineers at all levels to lead the design and implementation of innovative technologies. We are...


  • Bengaluru, India Trellix Full time

    Senior Cloud Software Development EngineerSr SDETDeal Desk AnalystCountry Sales Leader / FSI Sales LeaderSenior Software Development EngineerSenior Security ResearcherSoftware Development Engineer in Test (SDET)Apprentice- HRSolutions EngineerSoftware Development Engineer in Test (SDET)Staff SDETProfessional Services ConsultantSenior Software Development...


  • Bengaluru, India Procore Technologies Full time

    Job DescriptionWe're looking for a Staff Engineer, Security Sustainment to join Procore's Cybersecurity department. In this role, you'll be responsible for ensuring Procore's security infrastructure is maintained at the highest level of protection and efficiency. The primary goal of this role is to support the security sustainment engineering team to...


  • Bengaluru, India Trellix Full time

    Staff Security Researcher /Staff Malware ResearcherHere are the some of the key skills which we are looking for it:Must have 10 to 16 years of experience in a Malware Researcher role with experience in building and deploying large scale machine learning systemsMalware analysis- Static and dynamic (aware of file structure like, PE, PDF, OLE, windows short cut...


  • Bengaluru, India Trellix Full time

    Senior Customer Success Manager, Public SectorSenior Customer Success ManagerPrincipal Customer Success ManagerSDETSenior Software Development EngineerSecurity ResearcherSoftware Development EngineerSenior Cloud Software Development EngineerSr SDETDeal Desk AnalystCountry Sales Leader / FSI Sales LeaderSenior Security ResearcherSoftware Development Engineer...


  • Bengaluru, India Trellix Full time

    Staff Security Researcher /Staff Malware ResearcherHere are the some of the key skills which we are looking for it:Must have 10 to 16 years of experience in a Malware Researcher role with experience in building and deploying large scale machine learning systemsMalware analysis- Static and dynamic (aware of file structure like, PE, PDF, OLE, windows short cut...


  • Bengaluru, India Trellix Full time

    Staff Security Researcher /Staff Malware ResearcherHere are the some of the key skills which we are looking for it:Must have 10 to 16 years of experience in a Malware Researcher role with experience in building and deploying large scale machine learning systemsMalware analysis- Static and dynamic (aware of file structure like, PE, PDF, OLE, windows short cut...


  • Bengaluru, India Trellix Full time

    Staff Security Researcher /Staff Malware Researcher Here are the some of the key skills which we are looking for it: Must have 10 to 16 years of experience in a Malware Researcher role with experience in building and deploying large scale machine learning systems Malware analysis- Static and dynamic (aware of file structure like, PE, PDF, OLE, windows short...