Technology & Information Security Lead

About Rippling

Rippling gives businesses one place to run HR, IT, and Finance. It brings together all of the workforce systems that are normally scattered across a company, like payroll, expenses, benefits, and computers. For the first time ever, you can manage and automate every part of the employee lifecycle in a single system.

Take onboarding, for example. With Rippling, you can hire a new employee anywhere in the world and set up their payroll, corporate card, computer, benefits, and even third-party apps like Slack and Microsoft 365—all within 90 seconds.

Based in San Francisco, CA, Rippling has raised $1.4B from the world’s top investors—including Kleiner Perkins, Founders Fund, Sequoia, Greenoaks, and Bedrock—and was named one of America's best startup employers by Forbes.

We prioritize candidate safety. Please be aware that all official communication will only be sent from @Rippling.com addresses.

About The Role

Rippling has established operations in the UK (“Rippling Payments Uk”). Rippling Payments UK (RPay UK) will be central in providing Payroll, Bill Pay, and related e-money products and services to customers in the UK and abroad.

As Rippling expands into the international market through RPay UK, we are seeking an experienced Technology and Security Lead to join our RPay UK team. RPay UK is currently applying for an Electronic Money Institution (EMI) license with the Financial Conduct Authority (FCA).

That’s where you come in…

Rippling is looking for a highly-motivated and proactive Technology & Information Security Lead to take ownership of the technology and security pillar of our application for the EMI license and lead the oversight program for Technology & security oversight program for RPay UK. You will partner closely with our parent entity (Rippling Inc.) collaborating, overseeing and challenging the technology and security services it outsources to them - ensuring they adhere to the FCA requirements.

You are a self-starter and take pride in working collaboratively and effectively to mature and drive excellence across technology and security. We value innovative thoughts on achieving the highest standards.

What You Will Do

• Reviewing Dashboards, email and slack alerts relating to technology and security services being provided by the parent (Rippling).
• Incident Oversight and Reporting
• Governance, Risk & Compliance (GRC)
• Operational Resilience: BCP & DR
• Policy and procedure reviewing and writing
• Third Party/Vendor Management security assessments
• Respond to regulatory queries
• Support audit when required: internal and external
• Ad-hoc programs of work to aid Rippling to mature to the standards expected by the FCA.

What You Will Need

• 5+ years of experience in technology and/or security services with demonstrable exposure to incident oversight, governance, risk, and compliance (GRC).
• Ability to understand and articulate the technology and security regulatory requirements that apply to RPay UK
• Familiarity or experience with three or more of the following:

- Third Party/Vendor due diligence

- Incident Reporting

- Operational Resilience (Business Continuity & Disaster Recovery)

- Policy & Procedures

- Tech/Security Risk Management

- Data Privacy

- User Access Management

- Compliance Automation

• Proactive problem-solver with effective stakeholder communication skills and the ability to follow and improve processes.
• Experience working in financial services (or heavily regulated environments) or fast-paced tech companies is a plus but not essential.
• Comfortable with evening calls (1–2 hours per week, typically between 6-9 pm) to accommodate a San Francisco-based parent company.
• Between 2-3 trips to London to HQ annually. 2-4 trips to Dublin HQ annually. Flexibility is available.

All applicants must have the legal right work in Northern Ireland without sponsorship.