Staff Product Security Engineer - Rippling

Key Responsibilities

• Architect and implement security controls across the product lifecycle, ensuring compliance with industry standards and best practices.
• Conduct threat modeling, risk assessments, and penetration tests to identify and remediate vulnerabilities in code, infrastructure, and third‑party integrations.
• Collaborate with engineering, product, and operations teams to embed security into CI/CD pipelines, automated testing, and deployment workflows.
• Lead incident response efforts, perform root‑cause analysis, and develop post‑mortem documentation to prevent recurrence.
• Advise on secure design patterns, secure coding guidelines, and secure architecture reviews for new features and platform enhancements.

Requirements

• 5+ years of experience in security engineering or related roles within SaaS or cloud‑native environments.
• Deep knowledge of AWS security services (IAM, KMS, GuardDuty, Security Hub) and experience with container and serverless security.
• Proficiency in secure coding practices for languages such as Python, JavaScript/Node.js, or Go.
• Hands‑on experience with penetration testing tools (Burp Suite, OWASP ZAP, Metasploit) and vulnerability scanning platforms.
• Strong communication skills and ability to influence cross‑functional teams on security matters.