Skip to content
RipplingRipplingSan Francisco, CA

Copy of Senior Security Assurance Analyst

Support Rippling's security assurance program by managing certifications (ISO 27001, SOC 2, others), conducting vendor due diligence, evolving the ISMS, and handling audit/governance requests. Requires 5+ years in security compliance, deep knowledge of ISO/SOC standards, cloud security, policy management, and strong cross-functional communication.

Salary not listed
Hybrid5+ YOESecurity Engineering

About the role

What You'll Do

  • Support the delivery of Rippling's security assurance program across ISO 27001, SOC 2, ISO/IEC 42001, ISO/IEC 27018 and CSA STAR. This includes coordinating evidence collection across the business, liaising with internal stakeholders and auditors, and ensuring all annual certification and attestation activities are completed efficiently and on schedule.
  • Perform security due diligence on new and existing vendors, evaluating the data they process, where it is stored, how it is used, their security and privacy controls, independent certifications (e.g. SOC and ISO), and external security ratings (BitSight) to support informed third-party risk and onboarding decisions.
  • Support the evolution of the ISMS by enhancing security policies and standards, maturing the policy lifecycle, and improving governance and review processes across the organization.
  • Support internal teams and external stakeholders with ad hoc security assurance requests, including audit evidence, customer due diligence, policy guidance, and broader security governance activities.

What You Bring

  • 5+ years of experience in security compliance roles.
  • Exceptional communication skills, enabling effective engagement with internal teams (e.g., engineering, privacy/legal, and product) and external stakeholders.
  • In-depth familiarity with information security standards such as ISO 27001 and SOC 2.
  • Proficiency in cloud security best practices.
  • Experience developing, reviewing, and maintaining information security policies.
  • Good understanding of privacy regulations and data handling obligations, with the ability to work effectively alongside legal and privacy teams.

Nice to Have

  • Information security awareness training materials.
  • Experience creating meaningful Security Metrics.
  • Working knowledge or experience of User access management.
  • Experience automating security controls.

Skills

ISO 27001SOC 2Iso/Iec 42001Iso/Iec 27018Csa StarCloud SecuritySecurity PoliciesVendor Risk ManagementPrivacy RegulationsSecurity MetricsUser Access ManagementSecurity Automation
Snowflake

Senior Software Engineer

SnowflakeBellevue, WA +1

Senior Software Engineer building Snowflake's core identity, access management, and AI-native security infrastructure for the Data Cloud. Design secure agent workflows, IAM systems, encryption, and policy enforcement tooling at massive scale.

200k – 288k/yr
Hybrid5+ YOESecurity Engineering
Anthropic

Software Security Engineering Manager, Secure Frameworks

AnthropicSan Francisco, CA +1

Lead the Secure Frameworks Research team at Anthropic to build high-leverage security libraries and frameworks (cryptographic, serialization, authorization) that prevent vulnerabilities in AI model development. Manage engineers, drive adoption across teams, and balance security rigor with development velocity; requires 5+ years security/software engineering and 3+ years managing security teams.

405k – 485k/yr
Hybrid8+ YOESecurity Engineering
Forus

Founding Security Engineer

ForusNew York, NY

Founding Security Engineer owning cloud (AWS/GCP), product, AI data, detection/response, and compliance (HIPAA/SOC 2) for a healthcare AI platform handling PHI at scale. Requires 7+ years security engineering on strong SWE foundation, hands-on IaC, and multi-domain expertise.

Salary not listed
On-site7+ YOESecurity Engineering
Flexport

Manager, Supply Chain Protection & Loss Intelligence

FlexportMiami, FL

Manager responsible for global supply chain protection, loss prevention, and physical security programs at Flexport. Oversees 50+ security officers, electronic systems (CCTV/access control), data-driven investigations, policy/SOP authoring, and new facility stand-up across offices and fulfillment centers.

Salary not listed
On-site8+ YOESecurity Engineering
Crusoe

Physical Security Manager

CrusoeDallas, TX

Lead day-to-day operations of Crusoe's 24/7 Global Security Operations Center (GSOC), overseeing monitoring, incident response, intelligence, and crisis management to protect facilities and infrastructure. Requires experience building high-performing teams, driving operational maturity, and ensuring compliance in a fast-growing environment.

Salary not listed
On-site7+ YOESecurity Engineering