About Rippling
Rippling gives businesses one place to run HR, IT, and Finance. It brings together all of the workforce systems that are normally scattered across a company, like payroll, expenses, benefits, and computers. For the first time ever, you can manage and automate every part of the employee lifecycle in a single system.
Take onboarding, for example. With Rippling, you can hire a new employee anywhere in the world and set up their payroll, corporate card, computer, benefits, and even third-party apps like Slack and Microsoft 365—all within 90 seconds.
Based in San Francisco, CA, Rippling has raised $1.2B from the world’s top investors—including Kleiner Perkins, Founders Fund, Sequoia, Greenoaks, and Bedrock—and was named one of America's best startup employers by Forbes.
We prioritize candidate safety. Please be aware that all official communication will only be sent from @Rippling.com addresses.
About the role
Rippling is growing exceptionally fast and we have a 700+ person engineering team that ships code dozens of times every day. As a staff infrastructure security engineer you’ll be working closely with the infrastructure, corporate security, detection and response and product security teams to build guardrails and paved roads, adopting secure defaults, automating everything and helping define the direction of our infrastructure security team.
What You'll Do:
Implement security controls for Github, Github Actions, Buildkite, Terraform, Kubernetes and AWS.
Support platform and infrastructure teams on moving securely to a Service Oriented Architecture (SOA).
Drive data security initiatives across the organization.
Define and provide actionable security metrics for the organization.
Help drive and own a detailed infrastructure security roadmap and vision.
Participate in security design reviews and threat model exercises.
Provide mentorship to other engineers.
Qualifications:
10+ years of experience in security or software engineering in a cloud environment.
Prior experience with Kubernetes security concepts such as secure deployments, network policies, service-to- service (S2S) authentication & authorization, RBAC, workload identity translation, admissions controllers, runtime security, and more.
Proficiency in either Python or Go.
Moderate familiarity with deployment automation/configuration management (eg. Terraform, CloudFormation, Github Actions, Buildkite, Pulumi).
Expertise with AWS security controls and services.