Rippling
Security Engineer II, Offensive Security
Rippling, San Francisco, California, United States, 94199
Security Engineer II, Offensive Security
About Rippling
Rippling gives businesses one place to run HR, IT, and Finance. It brings together all of the workforce systems that are normally scattered across a company, like payroll, expenses, benefits, and computers. For the first time ever, you can manage and automate every part of the employee lifecycle in a single system.
Based in San Francisco, CA, Rippling has raised $1.4B+ from the world’s top investors—including Kleiner Perkins, Founders Fund, Sequoia, Greenoaks, and Bedrock—and was named one of America's best startup employers by Forbes. We prioritize candidate safety. Please be aware that all official communication will only be sent from @Rippling.com addresses.
About The Role Rippling is looking for a hands‑on Security Engineer – Offensive Security to join our growing security team. In this role, you’ll design and execute offensive security initiatives that challenge our defenses, shape detection capabilities, and strengthen the resilience of a platform spanning HR, IT, Payments, Identity, and Infrastructure. As an early member of the Red Team, you’ll apply an attacker’s mindset across Rippling’s people, processes, and technology—running realistic adversary simulations, uncovering vulnerabilities, and driving threat‑informed defense across our most critical assets. This is a rare opportunity to have meaningful scope and visibility while building a program that influences company‑wide security strategy.
About The Team Our security engineering team is a diverse group of builders, breakers, and problem solvers. We partner closely with Engineering to design scalable solutions and rethink traditional security models for a rapidly growing ecosystem.
What You’ll Do
Design and execute covert Red Team operations to measure Rippling’s readiness against advanced adversaries.
Conduct threat emulation, assumed breach, and purple team exercises across cloud infrastructure, endpoints, applications, and identity systems.
Build custom tooling and automation to accelerate offensive operations and reduce manual effort.
Partner with Blue Teams to improve detection and response engineering, aligning with MITRE ATT&CK and real‑world TTPs.
Influence security investment and prioritization across Engineering, Operations, Finance, and Sales through threat‑informed insights.
Lead post‑engagement debriefs with technical teams and senior leadership, translating risk into clear, actionable recommendations.
Qualifications
2+ years in an offensive security or Red Team role (or equivalent hands‑on experience).
Demonstrated ability to break down complex problems into measurable, solvable components.
Proficiency in scripting (Python, PowerShell, Bash) and building Red Team tooling.
Experience automating offensive workflows and comfort with software development practices.
Hands‑on experience with C2 frameworks (Cobalt Strike, Mythic, or custom‑built alternatives).
Deep understanding of attacker TTPs and common detection/response patterns.
Experience conducting or guiding cross‑team architectural changes to reduce systemic risk.
Familiarity with cloud environments (AWS), SaaS ecosystems, and modern identity systems (SSO, OAuth, SAML, MFA).
Excellent written and verbal communication, with the ability to translate technical risk for non‑technical stakeholders.
Additional Information Rippling is an equal opportunity employer. We are committed to building a diverse and inclusive workforce and do not discriminate based on race, religion, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, veteran or military status, or any other legally protected characteristics. Rippling is committed to providing reasonable accommodations for candidates with disabilities who need assistance during the hiring process. To request a reasonable accommodation, please email accommodations@rippling.com.
Rippling highly values having employees working in‑office to foster a collaborative work environment and company culture. For office‑based employees (employees who live within a defined radius of a Rippling office), Rippling considers working in the office, at least three days a week under current policy, to be an essential function of the employee’s role.
Salary ranges (US) – the final offer will be aligned with one of the following tiers based on location:
US Tier 1: $135,000 – $236,250 per year.
US Tier 2: $121,500 – $212,625 per year.
US Tier 3: $114,750 – $200,813 per year.
#J-18808-Ljbffr
Based in San Francisco, CA, Rippling has raised $1.4B+ from the world’s top investors—including Kleiner Perkins, Founders Fund, Sequoia, Greenoaks, and Bedrock—and was named one of America's best startup employers by Forbes. We prioritize candidate safety. Please be aware that all official communication will only be sent from @Rippling.com addresses.
About The Role Rippling is looking for a hands‑on Security Engineer – Offensive Security to join our growing security team. In this role, you’ll design and execute offensive security initiatives that challenge our defenses, shape detection capabilities, and strengthen the resilience of a platform spanning HR, IT, Payments, Identity, and Infrastructure. As an early member of the Red Team, you’ll apply an attacker’s mindset across Rippling’s people, processes, and technology—running realistic adversary simulations, uncovering vulnerabilities, and driving threat‑informed defense across our most critical assets. This is a rare opportunity to have meaningful scope and visibility while building a program that influences company‑wide security strategy.
About The Team Our security engineering team is a diverse group of builders, breakers, and problem solvers. We partner closely with Engineering to design scalable solutions and rethink traditional security models for a rapidly growing ecosystem.
What You’ll Do
Design and execute covert Red Team operations to measure Rippling’s readiness against advanced adversaries.
Conduct threat emulation, assumed breach, and purple team exercises across cloud infrastructure, endpoints, applications, and identity systems.
Build custom tooling and automation to accelerate offensive operations and reduce manual effort.
Partner with Blue Teams to improve detection and response engineering, aligning with MITRE ATT&CK and real‑world TTPs.
Influence security investment and prioritization across Engineering, Operations, Finance, and Sales through threat‑informed insights.
Lead post‑engagement debriefs with technical teams and senior leadership, translating risk into clear, actionable recommendations.
Qualifications
2+ years in an offensive security or Red Team role (or equivalent hands‑on experience).
Demonstrated ability to break down complex problems into measurable, solvable components.
Proficiency in scripting (Python, PowerShell, Bash) and building Red Team tooling.
Experience automating offensive workflows and comfort with software development practices.
Hands‑on experience with C2 frameworks (Cobalt Strike, Mythic, or custom‑built alternatives).
Deep understanding of attacker TTPs and common detection/response patterns.
Experience conducting or guiding cross‑team architectural changes to reduce systemic risk.
Familiarity with cloud environments (AWS), SaaS ecosystems, and modern identity systems (SSO, OAuth, SAML, MFA).
Excellent written and verbal communication, with the ability to translate technical risk for non‑technical stakeholders.
Additional Information Rippling is an equal opportunity employer. We are committed to building a diverse and inclusive workforce and do not discriminate based on race, religion, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, veteran or military status, or any other legally protected characteristics. Rippling is committed to providing reasonable accommodations for candidates with disabilities who need assistance during the hiring process. To request a reasonable accommodation, please email accommodations@rippling.com.
Rippling highly values having employees working in‑office to foster a collaborative work environment and company culture. For office‑based employees (employees who live within a defined radius of a Rippling office), Rippling considers working in the office, at least three days a week under current policy, to be an essential function of the employee’s role.
Salary ranges (US) – the final offer will be aligned with one of the following tiers based on location:
US Tier 1: $135,000 – $236,250 per year.
US Tier 2: $121,500 – $212,625 per year.
US Tier 3: $114,750 – $200,813 per year.
#J-18808-Ljbffr