Jobs

Staff Security Engineer - Detection and Response


Job details
  • Rippling
  • London
  • 2 days ago

About Rippling


Rippling is the first way for businesses to manage all of their HR & IT—payroll, benefits, computers, apps, and more—in one unified workforce platform.


By connecting every business system to one source of truth for employee data, businesses can automate all of the manual work they normally need to do to make employee changes. Take onboarding, for example. With Rippling, you can just click a button and set up a new employees' payroll, health insurance, work computer, and third-party apps—like Slack, Zoom, and Office 365—all within 90 seconds.


Based in San Francisco, CA, Rippling has raised $1.2B from the world's top investors—including Kleiner Perkins, Founders Fund, Sequoia, Greenoaks, and Bedrock—and was named one of America"s best startup employers by Forbes.


We prioritize candidate safety. Please be aware that official communication will only be sent from @Rippling.comaddresses.



About the role

We are looking for an experienced Security Engineer to join our Detection and Response Team (DART). You will help us build out a world class incident response function that will navigate challenging security incidents, drive process improvement, develop an open culture where we grow from our mistakes as an organization. In this role, you will also build the tools and detection infrastructure that we need to scale our detection and response capability across all threats to our Production and Corporate environments.

What you will do

  • Respond to security events, triage, perform investigations, incident analysis, and communicate clearly and efficiently to stakeholders
  • Contribute to improving processes, procedures, and technologies used for detection and response, enabling us to improve after each incident
  • Develop and run tools to gather security telemetry data from cloud production systems
  • Automate workflows and improve identification and response time for security events
  • Build and optimize detection rules, allowing us to spend our cycles on the alerts that matter
  • Develop runbooks and incident playbooks for new and existing detections
  • Lead Threat hunting practices, suggest product and infrastructure signals to surface attacks and incorporate findings into security controls

What you will need

  • 8+ years of full-time experience as a security engineer, including security monitoring, incident response, and threat hunting in a cloud environment
  • A defensive practitioner who understands offensive security and, the actual scenarios that lead to compromise
  • Prior experience leading complex investigations with a large number of stakeholders
  • Strong communication skills and a proven track record of communicating with internal and external stakeholders at all levels.
  • Expertise on AWS security controls and services.
  • Experience leveraging coding for automation, alert enrichment and detections.
  • Knowledge of adversary tactics, techniques, and procedures (TTPs) and MITRE ATT&CK principles
  • Hands-on experience with data analysis, modeling, and correlation at scale
  • Operating systems internals and forensics experience for macOS, Windows & Linux
  • Domain experience managing and working with current SIEM and SOAR platforms
  • Experience developing tools and automation using common DevOps toolsets and programming languages
  • Understanding of malware functionality and persistence mechanisms
  • Ability to analyze endpoint, network, and application logs for anomalous events

Additional Information


Rippling is an equal opportunity employer. We are committed to building a diverse and inclusive workforce and do not discriminate based on race, religion, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, veteran or military status, or any other legally protected characteristics, Rippling is committed to providing reasonable accommodations for candidates with disabilities who need assistance during the hiring process. To request a reasonable accommodation, please email


Rippling highly values having employees working in-office to foster a collaborative work environment and company culture. For office-based employees (employees who live within a 40 mile radius of a Rippling office), Rippling considers working in the office, at least three days a week under current policy, to be an essential function of the employee"s role.




jj6JbaSVKdGVrfKwoCjpbo

PI255170680

Sign up for our newsletter

The latest news, articles, and resources, sent to your inbox weekly.

Similar Jobs

Staff Application Security Engineer

A Little About UsEDB provides a data and AI platform that enables organizations to harness the full power of Postgres for transactional, analytical, and AI workloads across any cloud, anywhere. EDB empowers enterprises to control risk, manage costs and scale efficiently for a data and AI led world. Serving more...

EDB London

Staff Security Operations Engineer

We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We are looking for a range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against...

Canonical London

Physical Security Enablement Manager

Who are we?Equinix is the world’s digital infrastructure company®, operatingover 250 data centers across the globe.Digital leaders harness Equinix's trusted platform to bring together and interconnect foundational infrastructure at software speed. Equinix enables organizations to access all the right places, partners and possibilities to scale with agility, speed the launch...

Equinix Slough

Security Engineer (CCTV, Access Control & Intruder Alarms)

Security Engineer (CCTV, Access Control & Intruder Alarms) – East London – £32,000-£42,000 Basic Salary Per AnnumSecurity Engineer (CCTV, Access Control & Intruder Alarms) Package Overview: * £32,000 - £42,000 Basic Salary + Overtime (Negotiable depending on experience) * Full-Time, Permanent * Monday to Friday Hours * Area Covered: East...

Get Staff Ilford

Security Engineer

About your new roleReporting to the Technical Implementation Manager, you will be responsible for providing excellent IS Security support for the business.You will be working at a technical level across a range of security technologies ensuring that through good communication, effective processes and procedures and excellent documentation we help the...

Weightmans Manchester

Security Engineer

Security EngineerLondonCompetitive salary + benefitsThe Hoare Lea security engineering team includes chartered engineers and professionally registered security professionals with an incredible wealth of experience across many industry sectors. We work on many prestigious built environment projects, focused on delivering security strategies and technical designs aligned to the RIBA plan of...

Hoare Lea London