Senior Product Security Engineer





About Rippling

Rippling is the first way for businesses to manage all of their HR & IT—payroll, benefits, computers, apps, and more—in one unified workforce platform.
By connecting every business system to one source of truth for employee data, businesses can automate all of the manual work they normally need to do to make employee changes. Take onboarding, for example. With Rippling, you can just click a button and set up a new employees’ payroll, health insurance, work computer, and third-party apps—like Slack, Zoom, and Office 365—all within 90 seconds.
Based in San Francisco, CA, Rippling has raised $700M from the world’s top investors—including Kleiner Perkins, Founders Fund, Sequoia, and Bedrock—and was named one of America’s best startup employers by Forbes (#12 out of 500).

About The Role

We're looking for a hands-on senior security engineer to play a key role in building Rippling's security program. Rippling's product’s scope provides a unique set of security challenges, but our management is especially supportive of security and compliance as a central function of the business. As an early member of Rippling's security team, you'll have a meaningful impact on the security program’s priorities and direction.

What You'll Do

  • Mentor software engineering teams in security best practices.
  • Threat-model application designs and solutions and provide security assessments.
  • Audit source code and perform code review for critical application changes
  • Provide hands-on remediation guidance to development teams
  • Review Establish software development practices that make security an essential part of the development process
  • Develop / Integrate security into the Software Development Life Cycle


  • 3+ years of experience in software development or application security role
  • Deep understanding of securing web applications
  • Fluency in Python, React, and Django Rest Framework
  • Experience with manual source code review, and embedding security to code in production environments.
  • Experience with deploying application security tools in the CI/CD pipeline
  • Experience with securing software development lifecycle including manual and automated application security testing

Bonus Points

  • Good understanding of SSO, including OAUTH, SAML
  • Experience with securing MDM software agents for Mac/Windows

If you don’t meet all of the requirements listed here, we still encourage you to apply. No job description is perfect, and we might find an even more suitable opportunity that matches your skills and experience.

Rippling is an equal opportunity employer. We are committed to building a diverse and inclusive workforce and do not discriminate based on race, religion, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, veteran or military status, or any other legally protected characteristics.  Rippling is committed to providing reasonable accommodations for candidates with disabilities who need assistance during the hiring process. To request a reasonable accommodation, please email accommodations[at]

We are committed both to the health of our employees and to promoting a safe and collaborative workplace, and vaccinations are the best way to end the COVID-19 pandemic and to protect our community. In the U.S., where permitted under federal and state law, all offers of employment will be conditioned upon new hires providing proof of vaccination prior to their start date, unless the individual qualifies for an accommodation. For all other locations, vaccinations are strongly encouraged.

CCPA Privacy Notice for California Applicants