# Staff Product Security Engineer

**Company:** [Rippling](https://hotfix.jobs/companies/rippling)
**Location:** Seattle, WA, San Francisco, CA, New York, NY
**Role:** Security Engineering
**Salary:** $189k – $315k/yr
**Experience:** 10+ years
**Skills:** Python, React, Django Rest Framework, CI/CD, Source Code Review, Threat Modeling, Application Security, SSO, OAuth, SAML, Bug Bounty
**Posted:** 2026-06-26

> Hands-on staff security engineer building guardrails, tooling, and automations to secure Rippling's web applications. Requires 10+ years in product security, fluency in Python/React/DRF, and experience embedding security into SDLC and CI/CD.

## Job Description

## What You'll Do
- Build guardrails and controls to eliminate full classes of vulnerabilities within the Rippling application
- Build security tooling and automations to help scale the Product Security team’s practices
- Threat-model application designs and solutions and provide security assessments
- Audit source code and perform code review for critical application changes
- Mentor software engineering teams in security best practices
- Provide hands-on remediation guidance to development teams
- Review & establish software development practices that make security an essential part of the development process
- Develop / Integrate security into the Software Development Life Cycle

## Qualifications
- 10+ years of experience in a product security role
- Experience leading architectural changes or complex cross team efforts to mitigate security vulnerabilities
- Deep understanding of securing web applications
- Fluency in Python, React, and Django Rest Framework
- Experience with manual source code review, and embedding security to code in production environments
- Experience with deploying application security tools in the CI/CD pipeline
- Experience with securing software development lifecycle including building programs that eliminate full classes of vulnerabilities

## Bonus Points
- Good understanding of SSO, including OAUTH, SAML
- Experience with speaking at meetups or conferences
- Experience running a bug bounty program

## Similar roles

- [Senior/Staff Network Security Engineer](https://hotfix.jobs/jobs/7e8c4605-3112-4e43-9bf5-867803cdb64d) - Zoox - Foster City, CA - $190k – $228k/yr
- [Staff Software Engineer, Anti-Abuse & Security](https://hotfix.jobs/jobs/1fcb0c05-c653-435e-afc9-ba434b2ce4eb) - Replit - Foster City, CA - $190k – $240k/yr
- [Staff Software Engineer - IAM](https://hotfix.jobs/jobs/beb0c7dd-8252-4afd-9578-b2f442a56ef6) - Databricks - Mountain View, CA - $191k – $275k/yr
- [Staff Software Engineer - Security Infrastructure](https://hotfix.jobs/jobs/aba44157-0500-410c-86d5-7093521c7cdc) - Databricks - Mountain View, CA - $191k – $254k/yr
- [Staff Engineer, Cloud Security](https://hotfix.jobs/jobs/99669566-c101-41a5-be5e-7cf047fbf291) - Illumio - Sunnyvale, CA - $194k – $233k/yr

**Apply:** https://hotfix.jobs/jobs/95a8b221-1433-4ef3-9649-0377b8046821
**Canonical:** https://hotfix.jobs/jobs/95a8b221-1433-4ef3-9649-0377b8046821