Security Engineer II, Offensive Security

About The Role

Rippling is looking for a hands-on Security Engineer – Offensive Security to join our growing security team. In this role, you’ll design and execute offensive security initiatives that challenge our defenses, shape detection capabilities, and strengthen the resilience of a platform spanning HR, IT, Payments, Identity, and Infrastructure.

As an early member of the Red Team, you’ll apply an attacker’s mindset across Rippling’s people, processes, and technology—running realistic adversary simulations, uncovering vulnerabilities, and driving threat-informed defense across our most critical assets. This is a rare opportunity to have meaningful scope and visibility while building a program that influences company-wide security strategy.

About The Team

Our security engineering team is a diverse group of builders, breakers, and problem solvers. We partner closely with Engineering to design scalable solutions and rethink traditional security models for a rapidly growing ecosystem.

We recently shared our work at:

• Our Infrastructure Security team shared a blog about how they streamlined AWS access
• We spoke at BSides SF about attacking and defending infrastructure with terraform
• Our Product Security Director talked about the Strategies to Scale Security in Expanding Organizations

What You'll Do

• Design and execute covert Red Team operations to measure Rippling’s readiness against advanced adversaries
• Conduct threat emulation, assumed breach, and purple team exercises across cloud infrastructure, endpoints, applications, and identity systems
• Build custom tooling and automation to accelerate offensive operations and reduce manual effort
• Partner with Blue Teams to improve detection and response engineering, aligning with MITRE ATT&CK and real-world TTPs
• Influence security investment and prioritization across Engineering, Operations, Finance, and Sales through threat-informed insights
• Lead post-engagement debriefs with technical teams and senior leadership, translating risk into clear, actionable recommendations

Qualifications

• 2+ years in an offensive security or Red Team role (or equivalent hands-on experience)
• Demonstrated ability to break down complex problems into measurable, solvable components
• Proficiency in scripting (Python, PowerShell, Bash) and building Red Team tooling
• Experience automating offensive workflows and comfort with software development practices
• Hands-on experience with C2 frameworks (Cobalt Strike, Mythic, or custom-built alternatives)
• Deep understanding of attacker TTPs and common detection/response patterns
• Experience conducting or guiding cross-team architectural changes to reduce systemic risk
• Familiarity with cloud environments (AWS), SaaS ecosystems, and modern identity systems (SSO, OAuth, SAML, MFA)
• Excellent written and verbal communication, with the ability to translate technical risk for non-technical stakeholders

Additional Information

Rippling is an equal opportunity employer. We are committed to building a diverse and inclusive workforce and do not discriminate based on race, religion, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, veteran or military status, or any other legally protected characteristics, Rippling is committed to providing reasonable accommodations for candidates with disabilities who need assistance during the hiring process. To request a reasonable accommodation, please email accomodations@rippling.com

Rippling highly values having employees working in-office to foster a collaborative work environment and company culture. For office-based employees (employees who live within a defined radius of a Rippling office), Rippling considers working in the office, at least three days a week under current policy, to be an essential function of the employee's role.