Senior Detection and Response Engineer

3 Months ago • 8 Years + • Software Development & Engineering

Job Summary

Job Description

Rippling is seeking a Senior Detection and Response Engineer to join their Detection and Response Team (DART). The role involves building a world-class incident response function, navigating security incidents, driving process improvements, and fostering a culture of learning from mistakes. The engineer will also develop tools and detection infrastructure to scale detection and response capabilities across production and corporate environments. Key responsibilities include responding to security events, performing investigations, analyzing incidents, communicating with stakeholders, and contributing to process and technology enhancements. The role also involves developing tools for security telemetry data, automating workflows, optimizing detection rules, and leading threat hunting practices.
Must have:
  • 8+ years of security engineer experience (monitoring, IR, threat hunting)
  • Understanding of offensive security and compromise scenarios
  • Experience leading complex investigations
  • Strong communication skills
  • Expertise in AWS security controls
  • Experience leveraging coding for automation
  • Knowledge of adversary TTPs and MITRE ATT&CK
  • Hands-on data analysis and correlation experience
  • OS internals and forensics (macOS, Windows, Linux)
  • Experience with SIEM and SOAR platforms
  • Experience developing tools/automation with DevOps
  • Understanding of malware functionality
  • Ability to analyze logs for anomalous events
Good to have:
  • Build tools to gather security telemetry
  • Automate workflows and improve response time
  • Develop runbooks and incident playbooks

Job Details

About Rippling

Rippling gives businesses one place to run HR, IT, and Finance. It brings together all of the workforce systems that are normally scattered across a company, like payroll, expenses, benefits, and computers. For the first time ever, you can manage and automate every part of the employee lifecycle in a single system.

Take onboarding, for example. With Rippling, you can hire a new employee anywhere in the world and set up their payroll, corporate card, computer, benefits, and even third-party apps like Slack and Microsoft 365—all within 90 seconds.

Based in San Francisco, CA, Rippling has raised $1.4B+ from the world’s top investors—including Kleiner Perkins, Founders Fund, Sequoia, Greenoaks, and Bedrock—and was named one of America's best startup employers by Forbes.

We prioritize candidate safety. Please be aware that all official communication will only be sent from @Rippling.com addresses.


About the role

We are looking for an experienced Security Engineer to join our Detection and Response Team (DART).  You will help us build out a world class incident response function that will navigate challenging security incidents, drive process improvement, develop an open culture where we grow from our mistakes as an organization.   In this role, you will also build the tools and detection infrastructure that we need to scale our detection and response capability across all threats to our Production and Corporate environments.


What you will do

  • Respond to security events, triage, perform investigations, incident analysis, and communicate clearly and efficiently to stakeholders
  • Contribute to improving processes, procedures, and technologies used for detection and response, enabling us to improve after each incident
  • Develop and run tools to gather security telemetry data from cloud production systems 
  • Automate workflows and improve identification and response time for security events
  • Build and optimize detection rules, allowing us to spend our cycles on the alerts that matter
  • Develop runbooks and incident playbooks for new and existing detections
  • Lead Threat hunting practices, suggest product and infrastructure signals to surface attacks and incorporate findings into security controls


What you will need

  • 8+ years of full-time experience as a security engineer, including security monitoring, incident response, and threat hunting in a cloud environment
  • A defensive practitioner who understands offensive security and, the actual scenarios that lead to compromise
  • Prior experience leading complex investigations with a large number of stakeholders
  • Strong communication skills and a proven track record of communicating with internal and external stakeholders at all levels.
  • Expertise on AWS security controls and services. 
  • Experience leveraging coding for automation, alert enrichment and detections. 
  • Knowledge of adversary tactics, techniques, and procedures (TTPs) and MITRE ATT&CK principles
  • Hands-on experience with data analysis, modeling, and correlation at scale
  • Operating systems internals and forensics experience for macOS, Windows & Linux
  • Domain experience managing and working with current SIEM and SOAR platforms
  • Experience developing tools and automation using common DevOps toolsets and programming languages
  • Understanding of malware functionality and persistence mechanisms
  • Ability to analyze endpoint, network, and application logs for anomalous events


Additional Information

Rippling is an equal opportunity employer. We are committed to building a diverse and inclusive workforce and do not discriminate based on race, religion, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, veteran or military status, or any other legally protected characteristics, Rippling is committed to providing reasonable accommodations for candidates with disabilities who need assistance during the hiring process. To request a reasonable accommodation, please email accomodations@rippling.com

Rippling highly values having employees working in-office to foster a collaborative work environment and company culture. For office-based employees (employees who live within a defined radius of a Rippling office), Rippling considers working in the office, at least three days a week under current policy, to be an essential function of the employee's role.

Similar Jobs

Adyen - Senior Compliance Officer - Payment Networks

Adyen

San Francisco, California, United States (On-Site)
1 Week ago
Rackspace Technology - Oracle EBS Finance Functional Support Analyst V

Rackspace Technology

Gurugram, Haryana, India (Remote)
1 Week ago
Notion - Software Engineer, Deploy Observability Infra

Notion

San Francisco, California, United States (On-Site)
1 Month ago
Ion - Front End Developer - Italy

Ion

Collecchio, Emilia-Romagna, Italy (On-Site)
9 Months ago
creative assembly - Senior / Principal VFX Artist

creative assembly

Horsham, England, United Kingdom (Hybrid)
4 Months ago
Assystems - Design Engineer - Instrumentation (Substation)

Assystems

Gurugram, Haryana, India (On-Site)
8 Months ago
Apple - Software Engineer - Apple TV App

Apple

San Francisco, California, United States (On-Site)
2 Months ago
Apple - CAD Engineer - RTL Construction

Apple

Cupertino, California, United States (On-Site)
2 Months ago
Advanced Systems Group, LLC - Implementation Engineer

Advanced Systems Group, LLC

Emeryville, California, United States (On-Site)
1 Year ago
Qualcomm - SOC Verification and Methodology Engineer - Sr Staff

Qualcomm

San Diego, California, United States (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

NCS Soft - Partnerships Manager

NCS Soft

Irvine, California, United States (On-Site)
1 Month ago
GoDaddy - Account Executive

GoDaddy

United States (Remote)
1 Week ago
Samsung Semiconductor - Principal Engineer, Device Modeling

Samsung Semiconductor

San Jose, California, United States (On-Site)
3 Months ago
Cadence - Master Planner

Cadence

San Jose, California, United States (On-Site)
1 Month ago
CyberArk - Director of Procurement

CyberArk

Newton, Massachusetts, United States (Hybrid)
2 Months ago
quience - Production Manager- Apparel

quience

Bengaluru, Karnataka, India (On-Site)
1 Week ago
attentive - Senior Sales Development Representative

attentive

Sydney, New South Wales, Australia (Hybrid)
1 Week ago
Buckman - Sr Lead Digital Software Engineer - Front End

Buckman

Chennai, Tamil Nadu, India (On-Site)
9 Months ago
Xsolla - Product Marketing Manager (Monetization)

Xsolla

Berlin, Berlin, Germany (Remote)
1 Month ago
DevRev - Demand Generation Content Writer

DevRev

Chennai, Tamil Nadu, India (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

Jobs in Bengaluru, Karnataka, India

Pattern - Senior Software Engineer - NodeJS

Pattern

Pune, Maharashtra, India (On-Site)
9 Months ago
Nagarro - Staff Engineer, Frontend React

Nagarro

Chennai, Tamil Nadu, India (On-Site)
8 Months ago
Accenture - Software Configuration Engineer

Accenture

Bengaluru, Karnataka, India (On-Site)
1 Month ago
Spaulding Ridge - Senior Data Engineer/Data Architect

Spaulding Ridge

Jaipur, Rajasthan, India (On-Site)
2 Months ago
Qualcomm - DDR Design Verification Staff Engineer

Qualcomm

Hyderabad, Telangana, India (On-Site)
1 Month ago
Nagarro - Staff Consultant ,SAP Analytics Data Manageme

Nagarro

India (Remote)
8 Months ago
Luxoft - Senior Java Developer

Luxoft

Pune, Maharashtra, India (On-Site)
7 Months ago
Bito - Software Development Engineer IV - Lead

Bito

Pune, Maharashtra, India (Hybrid)
4 Weeks ago
PhonePe - Site Reliability Engineer 2 - Network Operations Engineer

PhonePe

Pune, Maharashtra, India (On-Site)
1 Week ago
luxsoft - Senior Automation Tester

luxsoft

Bengaluru, Karnataka, India (On-Site)
3 Weeks ago

Get notifed when new similar jobs are uploaded

Software Development & Engineering Jobs

Anthology  Inc  - Senior Software Engineer

Anthology Inc

Bengaluru, Karnataka, India (Hybrid)
2 Months ago
Coda - Senior/Staff Software Engineer, Custom Commerce

Coda

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (Hybrid)
1 Year ago
Apple - Software Engineer, Mail Experience

Apple

Cupertino, California, United States (On-Site)
4 Weeks ago
Mozilla - Sync Software Engineer

Mozilla

Canada (Remote)
1 Week ago
Scale AI - Engineering Manager, Robotics

Scale AI

San Francisco, California, United States (On-Site)
2 Months ago
Nasdaq - Software Engineer, Sr Specialist

Nasdaq

Philadelphia, Pennsylvania, United States (Hybrid)
1 Month ago
Nagarro - Associate Principal Engineer

Nagarro

New York, New York, United States (On-Site)
8 Months ago
Rippling - Senior Forward Deployed Engineer

Rippling

Austin, Texas, United States (On-Site)
4 Months ago
PlayGig - Lead Engineer

PlayGig

El Segundo, California, United States (On-Site)
3 Months ago
Activision - Senior IT Engineer

Activision

Dublin, County Dublin, Ireland (On-Site)
1 Year ago

Get notifed when new similar jobs are uploaded

About The Company

Sydney, New South Wales, Australia (Hybrid)

Costa Rica (Remote)

Seattle, Washington, United States (On-Site)

Seattle, Washington, United States (On-Site)

San Francisco, California, United States (On-Site)

San Francisco, California, United States (On-Site)

New York, United States (On-Site)

New York, United States (On-Site)

Bengaluru, Karnataka, India (On-Site)

View All Jobs

Get notified when new jobs are added by Rippling

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug