Jobs · Engineering · California

Senior Product Security Engineer

Rippling · San Francisco, CA · 2 wk ago
On-siteEngineeringFull-time

About the role

We're looking for a hands-on staff security engineer to play a key role in building Rippling's Product Security program. Rippling's product's scope provides a unique set of security challenges, but our management is especially supportive of security and compliance as a central function of the business.

About The Team

We are a diverse team of skilled security engineers that are passionate about pushing the boundaries of security practices. We look to collaborate with our Engineering partners to find the right solution for our interesting challenges. Our team thrives on re-imagining approaches to traditional security to secure our vast ecosystem.

What You'll Do

  • Build guardrails and controls to eliminate full classes of vulnerabilities within the Rippling application
  • Build security tooling and automations to help scale the Product Security team’s practices
  • Threat-model application designs and solutions and provide security assessments
  • Audit source code and perform code review for critical application changes
  • Mentor software engineering teams in security best practices
  • Provide hands-on remediation guidance to development teams
  • Review & establish software development practices that make security an essential part of the development process
  • Develop / Integrate security into the Software Development Life Cycle

Qualifications

  • 5+ years of experience in an product security role
  • Experience leading architectural changes or complex cross team efforts to mitigate security vulnerabilities
  • Deep understanding of securing web applications
  • Fluency in Python, React, and Django Rest Framework
  • Experience with manual source code review, and embedding security to code in production environments
  • Experience with deploying application security tools in the CI/CD pipeline
  • Experience with securing software development lifecycle including building programs that eliminate full classes of vulnerabilities

Bonus Points

  • Good understanding of SSO, including OAUTH, SAML
  • Experience with speaking at meetups or conferences
  • Experience running a bug bounty program

Additional Information

  • Ripping is an equal opportunity employer.
  • We are committed to providing reasonable accommodations for candidates with disabilities who need assistance during the hiring process.
  • To request a reasonable accommodation, please email accommodations@rippling.com.
  • Ripping highly values in-office collaboration. Employees living within 30 miles of an office are expected to work onsite three days a week with those living 30-49.9 miles away expected to be in the office one day a week. Employees living over 50 miles away are required to relocate within 30 miles of an office.
  • To enhance team cohesiveness, new employees are asked to work onsite three days a week for their first six months.
  • This role will receive a competitive salary + benefits + equity. The salary for US-based employees will be aligned with one of the ranges below based on location; see which tier applies to your location here.

Similar jobs