Senior Security Engineer - Corporate SecurityEngineeringRemote (United States)

Current Openings Senior Security Engineer - Corporate Security Senior Security Engineer - Corporate Security About Rippling Rippling gives businesses one place to run HR, IT, and Finance. It brings together all of the workforce systems that are normally scattered across a company, like payroll, expenses, benefits, and computers. For the first time ever, you can manage and automate every part of the employee lifecycle in a single system. Take onboarding, for example. With Rippling, you can hire a new employee anywhere in the world and set up their payroll, corporate card, computer, benefits, and even third-party apps like Slack and Microsoft 365—all within 90 seconds. Based in San Francisco, CA, Rippling has raised $1.4B+ from the world’s top investors—including Kleiner Perkins, Founders Fund, Sequoia, Greenoaks, and Bedrock—and was named one of America's best startup employers by Forbes. We prioritize candidate safety. Please be aware that all official communication will only be sent from @Rippling.com addresses. About the role Rippling is looking for a Senior Security Engineer to join our Corporate Security team. Our mission is to reduce organizational risk by securing the tools and platforms Rippling employees use every day—SaaS apps, internal tools, endpoints, and email. We help the business make safer decisions by building secure defaults, automating away risky behavior, and working directly with stakeholders to understand and mitigate threats. As a Senior Engineer on CorpSec, you’ll drive projects that span technical execution, stakeholder engagement, and strategic planning. You’ll work closely with the Detection and Response, IT products, Infrastructure, Legal, and Compliance teams to improve how we manage access, detect abuse, and remediate risk—often through automation and thoughtful process design. What You’ll Do Lead end-to-end security projects that secure core enterprise systems like Google Workspace, Atlassian, Salesforce, and Slack. Design and implement scalable access controls, including least privilege policies, automated approvals, and audit workflows. Deploy and tune security tooling (e.g. email security platforms, CASB/SWG, SaaS DLP tools) to reduce risk across our corp environment. Automate security workflows that reduce manual effort, close the loop on findings, and improve team efficiency. Write one-pagers and RFCs that clarify risk, propose solutions, and drive alignment with cross-functional stakeholders. Partner with Detection & Response to improve phishing protection and support incident investigations involving corp tools or user accounts. Mentor teammates and contribute to the team’s technical direction through design reviews and hands-on collaboration. Sample Projects You Might Work On Rolling out a new email security solution and defining phishing detections in partnership with Detection & Response. Building an approval system for Chrome extensions and auto-whitelisting trusted ones using Google's API. Automating Slack-based remediation for publicly shared sensitive Google Docs. Restricting 3rd-party app access in Google Workspace and driving stakeholder alignment on exceptions. Threat modeling Salesforce and improving visibility into high-risk integrations and data access patterns. What We're Looking For 5+ years of experience in security or software engineering, ideally with exposure to SaaS, corp IT, or access management. Strong programming skills (e.g. Python, Go) and a track record of building automation that solves real problems. Experience with one or more of: identity and access management, SaaS security tooling, DLP, insider threat detection, or phishing protection. Clear, empathetic communication skills—especially when working with stakeholders outside of engineering. Ability to turn ambiguous problems into scoped projects, define success metrics, and drive them to completion. Comfortable owning projects end-to-end and proactively reducing blockers for others. What ... (truncated, view full listing at source)