Staff Product Security Engineer
Rippling · New York, NY · 2 wk ago
On-siteEngineeringFull-time
What You'll Do
- Build guardrails and controls to eliminate full classes of vulnerabilities within the Rippling application
- Build security tooling and automations to help scale the Product Security team’s practices
- Threat-model application designs and solutions and provide security assessments
- Audit source code and perform code review for critical application changes
- Mentor software engineering teams in security best practices
- Provide hands-on remediation guidance to development teams
- Review & establish software development practices that make security an essential part of the development process
- Develop / Integrate security into the Software Development Life Cycle
Qualifications
- 10+ years of experience in an product security role
- Experience leading architectural changes or complex cross team efforts to mitigate security vulnerabilities
- Deep understanding of securing web applications
- Fluency in Python, React, and Django Rest Framework
- Experience with manual source code review, and embedding security to code in production environments
- Experience with deploying application security tools in the CI/CD pipeline
- Experience with securing software development lifecycle including building programs that eliminate full classes of vulnerabilities
- Good understanding of SSO, including OAUTH, SAML
- Experience with speaking at meetups or conferences
- Experience running a bug bounty program