Security Engineer II, Offensive Security

About RipplingRippling gives businesses one place to run HR, IT, and Finance. It brings together all of the workforce systems that are normally scattered across a company, like payroll, expenses, benefits, and computers. For the first time ever, you can manage and automate every part of the employee lifecycle in a single system.Take onboarding, for example. With Rippling, you can hire a new employee anywhere in the world and set up their payroll, corporate card, computer, benefits, and even third-party apps like Slack and Microsoft 365—all within 90 seconds.Based in San Francisco, CA, Rippling has raised $1.4B+ from the world’s top investors—including Kleiner Perkins, Founders Fund, Sequoia, Greenoaks, and Bedrock—and was named one of America's best startup employers by Forbes.We prioritize candidate safety. Please be aware that all official communication will only be sent from @Rippling.com addresses.About The RoleRippling is looking for a hands-on Security Engineer – Offensive Security to join our growing security team. In this role, you’ll design and execute offensive security initiatives that challenge our defenses, shape detection capabilities, and strengthen the resilience of a platform spanning HR, IT, Payments, Identity, and Infrastructure.As an early member of the Red Team, you’ll apply an attacker’s mindset across Rippling’s people, processes, and technology—running realistic adversary simulations, uncovering vulnerabilities, and driving threat-informed defense across our most critical assets. This is a rare opportunity to have meaningful scope and visibility while building a program that influences company-wide security strategy.About The TeamOur security engineering team is a diverse group of builders, breakers, and problem solvers. We partner closely with Engineering to design scalable solutions and rethink traditional security models for a rapidly growing ecosystem.We recently shared our work at:Our Infrastructure Security team shared a blog about how they streamlined AWS accessWe spoke at BSides SF about attacking and defending infrastructure with terraformOur Product Security Director talked about the Strategies to Scale Security in Expanding OrganizationsWhat You'll DoDesign and execute covert Red Team operations to measure Rippling’s readiness against advanced adversariesConduct threat emulation, assumed breach, and purple team exercises across cloud infrastructure, endpoints, applications, and identity systemsBuild custom tooling and automation to accelerate offensive operations and reduce manual effortPartner with Blue Teams to improve detection and response engineering, aligning with MITRE ATT&CK and real-world TTPsInfluence security investment and prioritization across Engineering, Operations, Finance, and Sales through threat-informed insightsLead post-engagement debriefs with technical teams and senior leadership, translating risk into clear, actionable recommendationsQualifications2+ years in an offensive security or Red Team role (or equivalent hands-on experience)Demonstrated ability to break down complex problems into measurable, solvable componentsProficiency in scripting (Python, PowerShell, Bash) and building Red Team toolingExperience automating offensive workflows and comfort with software development practicesHands-on experience with C2 frameworks (Cobalt Strike, Mythic, or custom-built alternatives)Deep understanding of attacker TTPs and common detection/response patternsExperience conducting or guiding cross-team architectural changes to reduce systemic riskFamiliarity with cloud environments (AWS), SaaS ecosystems, and modern identity systems (SSO, OAuth, SAML, MFA)Excellent written and verbal communication, with the ability to translate technical risk for non-technical stakeholdersAdditional InformationRippling is an equal opportunity employer. We are committed to building a diverse and inclusive workforce and do not discriminate based on race, religion, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, veteran or military status, or any other legally protected characteristics, Rippling is committed to providing reasonable accommodations for candidates with disabilities who need assistance during the hiring process. To request a reasonable accommodation, please email accommodations@rippling.com.Rippling highly values having employees working in-office to foster a collaborative work environment and company culture. For office-based employees (employees who live within a defined radius of a Rippling office), Rippling considers working in the office, at least three days a week under current policy, to be an essential function of the employee's role.This role will receive a competitive salary + benefits + equity. The salary for US-based employees will be aligned with one of the ranges below based on location; see which tier applies to your location here.A variety of factors are considered when determining someone’s compensation–including a candidate’s professional background, experience, and location. Final offer amounts may vary from the amounts listed below.The pay range for this role is:135,000 - 236,250 USD per year(US Tier 1)121,500 - 212,625 USD per year(US Tier 2)114,750 - 200,813 USD per year(US Tier 3)