Rippling
Security Engineer II, Offensive Security Job at Rippling in San Francisco
Rippling, San Francisco, CA, US, 94199
About Rippling
Rippling gives businesses one place to run HR, IT, and Finance. It brings together all of the workforce systems that are normally scattered across a company, like payroll, expenses, benefits, and computers. For the first time ever, you can manage and automate every part of the employee lifecycle in a single system.
About The Role
Rippling is looking for a hands-on Security Engineer – Offensive Security to join our growing security team. In this role, you’ll design and execute offensive security initiatives that challenge our defenses, shape detection capabilities, and strengthen the resilience of a platform spanning HR, IT, Payments, Identity, and Infrastructure.
What You'll Do
Design and execute covert Red Team operations to measure Rippling’s readiness against advanced adversaries
Conduct threat emulation, assumed breach, and purple team exercises across cloud infrastructure, endpoints, applications, and identity systems
Build custom tooling and automation to accelerate offensive operations and reduce manual effort
Partner with Blue Teams to improve detection and response engineering, aligning with MITRE ATT&CK and real-world TTPs
Influence security investment and prioritization across Engineering, Operations, Finance, and Sales through threat-informed insights
Lead post-engagement debriefs with technical teams and senior leadership, translating risk into clear, actionable recommendations
Qualifications
2+ years in an offensive security or Red Team role (or equivalent hands-on experience)
Demonstrated ability to break down complex problems into measurable, solvable components
Proficiency in scripting (Python, PowerShell, Bash) and building Red Team tooling
Experience automating offensive workflows and comfort with software development practices
Hands-on experience with C2 frameworks (Cobalt Strike, Mythic, or custom-built alternatives)
Deep understanding of attacker TTPs and common detection/response patterns
Experience conducting or guiding cross-team architectural changes to reduce systemic risk
Familiarity with cloud environments (AWS), SaaS ecosystems, and modern identity systems (SSO, OAuth, SAML, MFA)
Excellent written and verbal communication, with the ability to translate technical risk for non-technical stakeholders
Additional Information
Rippling is an equal opportunity employer. We are committed to building a diverse and inclusive workforce and do not discriminate based on race, religion, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, veteran or military status, or any other legally protected characteristics. Rippling is committed to providing reasonable accommodations for candidates with disabilities who need assistance during the hiring process. To request a reasonable accommodation, please email accomodations@rippling.com
Rippling highly values having employees working in-office to foster a collaborative work environment and company culture. For office-based employees, Rippling considers working in the office, at least three days a week under current policy, to be an essential function of the employee's role.
Compensation
This role will receive a competitive salary + benefits + equity. The salary for US-based employees will be aligned with one of the ranges below based on location; see which tier applies to your location here.
135,000 - 236,250 USD per year (US Tier 1)
121,500 - 212,625 USD per year (US Tier 2)
114,750 - 200,813 USD per year (US Tier 3)