Senior Security Assurance Analyst
Listed on 2026-07-18
-
IT/Tech
Cybersecurity, Information Security, Data Security
About this Position
Rippling gives businesses one place to run HR, IT, and Finance. It brings together all of the workforce systems that are normally scattered across a company, like payroll, expenses, benefits, and computers. For the first time ever, you can manage and automate every part of the employee lifecycle in a single system.
Take onboarding, for example. With Rippling, you can hire a new employee anywhere in the world and set up their payroll, corporate card, computer, benefits, and even third-party apps like Slack and Microsoft 365—all within 90 seconds.
Based in San Francisco, CA, Rippling has raised $1.4B+ from the world’s top investors—including Kleiner Perkins, Founders Fund, Sequoia, Greenoaks, and Bedrock—and was named one of America’s best startup employers by Forbes.
We prioritize candidate safety. Please be aware that all official communication will only be sent from addresses.
About the RoleJoin Rippling’s Security Assurance team and help demonstrate the trust our customers place in us every day. You’ll play a key role in delivering internationally recognized security certifications and attestations, supporting regulatory obligations, and partnering across the business to strengthen our security assurance program.
About the TeamThe Security Assurance team is responsible for delivering Rippling’s security assurance programmes and supporting compliance with technology and security regulatory requirements. Through internationally recognised certifications, attestations, and effective governance, the team helps maintain a strong security posture, meet regulatory obligations, and build customer trust.
A self‑motivated, experienced professional who thrives with autonomy, takes ownership of their work, and executes with minimal oversight. A collaborative team player and strong communicator, capable of building relationships and driving outcomes across technical and business teams.
What You’ll Do:- Support the delivery of Rippling’s security assurance program across ISO 27001, SOC 2, ISO/IEC 42001, ISO/IEC 27018 and CSA STAR. The successful candidate will have experience supporting these certifications and attestations, coordinating evidence collection across the business, liaising with internal stakeholders and auditors, and helping ensure all annual certification and attestation activities are completed efficiently and on schedule.
- Vendor Management (Security Assurance):
Perform security due diligence on new and existing vendors, evaluating the data they process, where it is stored, how it is used, their security and privacy controls, independent certifications (e.g., SOC and ISO), and external security ratings (Bit Sight) to support informed third‑party risk and onboarding decisions. - Support the evolution of the ISMS by enhancing security policies and standards, maturing the policy lifecycle, and improving governance and review processes across the organization.
- Support internal teams and external stakeholders with ad‑hoc security assurance requests, including audit evidence, customer due diligence, policy guidance, and broader security governance activities.
- 5+ years of experience in security compliance roles, with exceptional communication skills, enabling you to effectively engage with internal teams (e.g., engineering, privacy/legal, and product) and external stakeholders.
- In‑depth familiarity with information security standards such as ISO 27001 and SOC 2.
- Proficiency in cloud security best practices, ensuring our cloud infrastructure remains secure and compliant.
- Experience developing, reviewing, and maintaining information security policies.
- Good understanding of privacy regulations and data‑handling obligations, with the ability to work effectively alongside legal and privacy teams.
- Information security awareness training materials.
- Experience creating meaningful security metrics.
- Working knowledge or experience of user access management.
- Experience automating security controls.
Rippling is an equal‑opportunity employer. We are committed to building a diverse and inclusive workforce and do not discriminate based on race, religion, color,…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).