Senior Security Engineer, Offensive Security

About Rippling

Rippling gives businesses one place to run HR, IT, and Finance. It brings together all of the workforce systems that are normally scattered across a company, like payroll, expenses, benefits, and computers. For the first time ever, you can manage and automate every part of the employee lifecycle in a single system.

Take onboarding, for example. With Rippling, you can hire a new employee anywhere in the world and set up their payroll, corporate card, computer, benefits, and even third-party apps like Slack and Microsoft 365—all within 90 seconds.

Based in San Francisco, CA, Rippling has raised $1.4B+ from the world’s top investors—including Kleiner Perkins, Founders Fund, Sequoia, Greenoaks, and Bedrock—and was named one of America's best startup employers by Forbes.

We prioritize candidate safety. Please be aware that all official communication will only be sent from @Rippling.com addresses.

About The Role

We're looking for a hands-on Senior Security Engineer - Offensive Security to join Rippling’s growing security team. As a key contributor, you’ll build and lead offensive security initiatives that challenge and improve our defensive capabilities. Our platform’s breadth—spanning HR, IT, Payment, Identity, access, and infrastructure—presents a rich attack surface and a unique opportunity to work on high-impact assessments across multiple domains.

As one of the first members of our security intelligence team at Rippling, you will shape our security intelligence discipline from the ground up and influence how we approach continuous learning and improvement mechanisms across detection, response, and engineering resilience across our systems.

About the team

We are a diverse team of skilled security engineers who are passionate about pushing the boundaries of security practices. We look to collaborate with our Engineering partners to find the right solution for our interesting challenges. Our team thrives on re-imagining approaches to traditional security to secure our vast ecosystem.

A little more about our team:

• Our Infrastructure Security team shared a blog about how they streamlined AWS access
• We spoke at BSides SF about attacking and defending infrastructure with terraform
• Our Product Security lead talked about the Future Application Security Engineers
• Our Security Engineering lead talks about an innovative way to reduce vulnerabilities in your organization

What You'll Do

• Design and execute end-to-end security intelligence exercises to evaluate Rippling’s security posture against detection and response capabilities
• Strategically influence our prioritization and security investments horizontally across all divisions of the company, from Engineering, Operations, Finance, Sales, and others
• Conduct targeted threat emulation, assumed breach, and purple team engagements across cloud infrastructure, endpoints, applications, and identity systems
• Develop custom tooling and automation to support offensive operations
• Perform post-engagement debriefs to the company C-Suite and senior leadership

Qualifications

• 5+ years of experience in a offensive security engineer role
• Experience breaking down complex security problems into measurable and solvable pieces
• Proficiency in scripting languages (e.g., Python, PowerShell, Bash) and developing red team tooling
• • Experience with automation and are not afraid of software development
  • Experience with deploying application security tools in the CI/CD pipeline
• Deep understanding of common vulnerabilities and operational weaknesses
• Experience with C2 frameworks such as Cobalt Strike, Mythic, or custom-built alternatives
• Deep understanding of attacker TTPs (e.g., MITRE ATT&CK) and how they apply to real-world environments
• Strong understanding of common detection and response patterns; ability to collaborate with blue teams effectively
• Experience leading architectural changes or complex cross-team efforts to mitigate security vulnerabilities
• Familiarity with cloud (AWS), SaaS, and modern identity systems (SSO, OAuth, SAML, MFA
• Excellent communication and reporting skills, including the ability to convey technical risk to non-technical audiences

Additional Information

Rippling is an equal opportunity employer. We are committed to building a diverse and inclusive workforce and do not discriminate based on race, religion, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, veteran or military status, or any other legally protected characteristics, Rippling is committed to providing reasonable accommodations for candidates with disabilities who need assistance during the hiring process. To request a reasonable accommodation, please email accomodations@rippling.com

Rippling highly values having employees working in-office to foster a collaborative work environment and company culture. For office-based employees (employees who live within a defined radius of a Rippling office), Rippling considers working in the office, at least three days a week under current policy, to be an essential function of the employee's role.

This role will receive a competitive salary + benefits + equity. The salary for US-based employees will be aligned with one of the ranges below based on location; see which tier applies to your location here.

A variety of factors are considered when determining someone’s compensation–including a candidate’s professional background, experience, and location. Final offer amounts may vary from the amounts listed below.