Senior Application Security Engineer
Rippling is the first way for businesses to manage their HR & IT — from payroll and benefits, to employee computers and apps — all in one, modern system.
In just 90-seconds, a company can set up (or disable) an employee’s payroll, health insurance, work computer, and third-party apps, like Gmail, Microsoft Office, and Slack. It’s the only platform that truly unifies every employee system, and automates all of the administrative work.
Rippling is headquartered in San Francisco and has raised over $200M from top-tier investors, including Founders Fund, Greenoaks Capital, Coatue Management, Kleiner Perkins, and YCombinator.
We're looking for a hands-on senior security engineer to play a key role in building Rippling's security program. Rippling's product’s scope provides a unique set of security challenges, but our management is especially supportive of security and compliance as a central function of the business. As an early member of Rippling's security team, you'll have a meaningful impact on the security program’s priorities and direction.
What You'll Do:
- Mentor software engineering teams in security best practices.
- Threat-model application designs and solutions and provide security assessments.
- Audit source code and perform code review for critical application changes
- Provide hands-on remediation guidance to development teams
- Review Establish software development practices that make security an essential part of the development process
- Develop / Integrate security into the Software Development Life Cycle
Qualifications:
- 3+ years of experience in software development or application security role
- Deep understanding of securing web applications
- Fluency in Python, React, and Django Rest Framework
- Experience with manual source code review, and embedding security to code in production environments.
- Experience with deploying application security tools in the CICD pipeline
- Experience with securing software development lifecycle including manual and automated application security testing
Bonus Points:
- Good understanding of SSO, including OAUTH, SAML
- Experience with securing MDM software agents for Mac/Windows
Even if you don’t meet all of the requirements listed here, we still encourage you to apply. Skills can be used in lots of different ways and your life and professional experience may be relevant beyond what a list of requirements will capture.
Rippling is an equal opportunity employer.