Security Engineer, Threat Detection

Who we are

About Stripe

Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.

About the team

As a platform company powering businesses all over the world, Stripe processes payments, runs marketplaces, detects fraud, helps entrepreneurs start an internet business from anywhere in the world. Stripe's AppSec Engineers build scanning platforms and tooling, alert and remediation pipelines, ensure reliable data, and transform data from various inputs and applications used to ultimately represent security posture across all of Stripe.

At Stripe, we are building security scanning and posture infrastructure using data science tooling and big data systems that will help us with scale while making onboarding and analysis of new data easy and transparent. Rather than traditional commercial tooling, you’ll help to drive codified processes, data analytics and automation. This is a unique challenge for a cyber professional interested in non-traditional security monitoring and response designed to function within a development operations framework. You’ll maintain strong partnerships with the security assessment and security discovery teams on capabilities and other security teams to understand the interfaces to those systems useful for monitoring and response throughout Stripe.

What you’ll do

Responsibilities

• Understand data tooling available at Stripe and determine how to best leverage, modify, or fork them for use by security
• Create libraries, tooling and platform needed to operationalize continuous security testing tools at scale
• Enable holistic data integration to support advanced data analytics
• Maintain libraries that enable interaction with various internal and external data sources and systems used for correlation of security posture logic
• Create a reliability layer for metrics related to the data pipeline both for easy debugging and constant improvement of bottlenecks
• Create APIs to help security teams access underlying data

Who you are

We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.

Minimum requirements

• A strong engineering background with interest in data. 
• Experience writing production Python and Go code
• Experience developing and maintaining distributed systems built with open source tools
• Experience building libraries and tooling that provide beautiful abstractions to users
• Experience integrating with CI/CD developer flows
• Experience with tools such as Kafka, Airflow and various Notebook technology
• 4+ years of relevant experience in Security
• Experience as a consumer of data science tooling and infrastructure
• Experience security technologies including endpoint detection, network technologies, AWS cloud services
• Strong understanding of the technical capabilities needed for an effective appsec and vulnerability management capability
• Ability to build strong relationships and drive cross functional projects with engineering partners

Preferred qualifications

• Ability to drive concurrent projects and initiatives while managing operational responsibilities
• An exemplary, user-focused communication style; emphasizing clarity, empathy and accuracy
• Demonstrated success working remotely
• Ability to deliver capabilities to teams in an iterative manner while building towards a larger vision
• Demonstrated success overseeing internal tool development and automation at scale
• Experience with collection of compliance artifacts, security incidents and risk awareness

Working remotely at Stripe

A remote location, in most cases, is defined as being 35 miles (56 kilometers) or more from one of our offices. While you would be welcome to come into the office for team/business meetings, on-sites, meet-ups, and events, our expectation is you would regularly work from home rather than a Stripe office. Stripe does not cover the cost of relocating to a remote location. We encourage you to apply for roles that match the location where you currently or plan to live.

Pay and benefits

The annual US base salary range for this role is $136,800 - $205,200. For sales roles, the range provided is the role’s On Target Earnings ("OTE") range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role. This salary range may be inclusive of several career levels at Stripe and will be narrowed during the interview process based on a number of factors, including the candidate’s experience, qualifications, and location. Applicants interested in this role and who are not located in the US may request the annual salary range for their location during the interview process.

Additional benefits for this role may include: equity, company bonus or sales commissions/bonuses; 401(k) plan; medical, dental, and vision benefits; and wellness stipends.

We look forward to hearing from you

At Stripe, we're looking for people with passion, grit, and integrity. You're encouraged to apply even if your experience doesn't precisely match the job description. Your skills and passion will stand out—and set you apart—especially if your career has taken some extraordinary twists and turns. At Stripe, we welcome diverse perspectives and people who think rigorously and aren't afraid to challenge assumptions. Join us.