Page 1 of 1
WHO WE ARE ABOUT STRIPE Stripe is a financial infrastructure platform for businesses. Millions of companies - from the world’s largest enterprises to the most ambitious startups - use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career. ABOUT THE TEAM The Security Incident Response team is responsible for triaging and assessing the severity of incoming security alerts, responding with initial containment measures and escalating as needed to incident responders for further investigation and resolution. They analyze a variety of data sources to identify potential threats, collect requirements for operational enhancements to detection and response systems, and generally scale security processes. From external attacks to insider threats, our goal is to respond with speed and precision, remediate, and support the incident postmortem process. The team is distributed globally and regularly coordinates with stakeholders in North America, Europe, and Asia. WHAT YOU’LL DO You will leverage your security management experience to improve incident response capabilities at Stripe. You will manage a team of security analysts, investigators, and responders on the front lines of the incident response process, hiring, training, and evaluating their performance, providing technical guidance where needed, developing clear and consistent response procedures, and ensuring timely and effective resolution of casework. You will also collaborate with various internal stakeholders, including the Security Analytics and Detection teams, and make continuous improvements to Stripe’s security incident response function. RESPONSIBILITIES * Lead and support a team of security analysts, investigators, and responders who triage, assess, and respond to threats * Provide technical guidance to the team, as a subject matter expert * Influence the organizational mission and vision by ensuring prioritization and delivery of project work that is aligned with relevant security roadmaps * Strengthen KPIs and metrics for measuring response operations effectiveness, for clear and consistent reporting to internal stakeholders * Work cross-functionally with security engineering teams to gather requirements for analyzing and responding to security events data at scale while protecting Stripe networks, systems, and data from threats * Develop, document, and implement strategies, runbooks, and capabilities to support the incident response process * Continuously improve security processes and response capabilities by collaborating with security engineers and analysts * Coach and mentor individual contributors, enabling career development and championing quality standards within the team WHO YOU ARE We're looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement. MINIMUM REQUIREMENTS * 5+ years experience leading Security Operations or Incident Response teams, including hands-on, technical management experience of security analysts or engineers * B.S. or M.S. Computer Science or related field, or equivalent experience in Security * Experience recruiting, growing, and leading technical teams, including performance management * Excellent written and verbal communication skills, including the ability to develop and deliver operational or incident-related information to leadership * Advanced knowledge of data analytics (e.g. logs for first or third party applications, system / data access events), network security, digital forensics, and incident response investigations * Experience with Python and SQL, and/or familiarity with other programming languages * Familiarity with operating systems, file systems, and memory on macOS, Linux, or Windows * Strong understanding of threat actor tactics, techniques, and procedures (TTPs) PREFERRED QUALIFICATIONS * Broad knowledge and experience across the information security domain, including familiarity with endpoint, email, network, identity management, cloud security, vulnerability management, incident response, and threat intelligence. * Experience with engineering, data processing and analysis tools * Familiarity with network observability, security software, or data engineering solutions (Chronicle, Tines, osquery, Splunk, etc.)
WHO WE ARE ABOUT STRIPE Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world's largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career. ABOUT THE TEAM The Proactive Threat team is responsible for identifying vulnerabilities and security weaknesses across Stripe's systems, applications, networks, and cloud infrastructure — before adversaries do. We operate as a hybrid offensive function: conducting penetration testing, emulating real-world threat actors through red team operations, and partnering closely with our defensive security teams to validate detection capabilities and improve Stripe's overall security posture. We are builders first. Our team develops custom tooling, automation frameworks, and internal platforms that scale our offensive capabilities and enable repeatable, high-fidelity assessments. We believe the best offensive security engineers are equal parts hacker and engineer. The team is distributed across the United States, primarily operating in Eastern and Pacific time zones, and collaborates regularly with security, engineering, and product stakeholders across Stripe — including teams in Europe and Asia. WHAT YOU'LL DO As an Offensive Security Engineer on the Proactive Threat team, you will simulate the tactics, techniques, and procedures (TTPs) of real-world adversaries to uncover security risks across Stripe's products and infrastructure. You'll conduct hands-on penetration testing, lead red team engagements, and collaborate with blue team counterparts to validate and improve detection and response capabilities. Your work will directly influence how Stripe builds, ships, and secures financial infrastructure used by millions of businesses worldwide. Beyond assessments, you'll design and build offensive tooling and automation that amplifies the team's impact. You'll leverage threat intelligence to prioritize testing efforts, contribute to incident investigations when needed, and act as a subject-matter expert for security initiatives across the company. RESPONSIBILITIES * Conduct comprehensive penetration tests across web applications, APIs, cloud environments (AWS/GCP/Azure), mobile applications, and internal infrastructure * Plan and execute red team engagements that emulate the TTPs of cyber and criminal threat actors targeting financial services, including initial access, lateral movement, persistence, and data exfiltration scenarios * Perform assumed-breach and objective-based assessments to test detection and response capabilities in coordination with defensive teams * Partner with detection engineering, threat intelligence, and incident response teams to validate security controls, identify coverage gaps, and improve detection fidelity * Contribute adversary tradecraft insights to inform detection rule development, threat hunting hypotheses, and incident response playbooks * Support incident investigations by providing offensive expertise, log analysis, and root cause analysis when required * Design, develop, and maintain custom offensive tools, scripts, and automation frameworks to enhance assessment efficiency and coverage * Build internal platforms and workflows that enable scalable, repeatable offensive operations * Contribute to internal security tooling repositories and champion engineering best practices within the team * Automate repetitive testing tasks, payload generation, and reporting workflows using modern development practices * Produce clear, actionable reports that communicate technical findings, business risk, and remediation guidance to both technical and non-technical stakeholders * Act as a subject-matter expert and primary point of contact for stakeholder teams engaged in offensive security programs and Stripe-wide security initiatives * Lead offensive security projects end-to-end, mentor junior team members, and foster a culture of continuous learning and knowledge sharing * Stay current with emerging threats, vulnerabilities, and attack techniques; share research internally and contribute to the broader security community WHO YOU ARE We're looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement. MINIMUM REQUIREMENTS * 5+ years of experience in offensive security, penetration testing, red teaming, or a related field * Strong programming skills in Python, Go, or similar languages, with demonstrated experience building tools, automation, or custom exploits * Deep knowledge of web application security, including OWASP Top 10, ASVS, and common vulnerability classes (injection, auth flaws, business logic, etc.) * Hands-on experience with cloud platforms (AWS, Azure, or GCP), including cloud-native attack techniques and misconfigurations * Proficiency with offensive tooling such as Burp Suite, Cobalt Strike, Mythic, Sliver, BloodHound, or similar frameworks * Familiarity with adversary tradecraft and frameworks such as MITRE ATT&CK, including TTPs for initial access, privilege escalation, lateral movement, and exfiltration * Excellent written and verbal communication skills, with the ability to translate complex technical findings into clear, risk-based recommendations * Ability to think like an adversary — creative, persistent, and able to holistically assess risk in complex environments PREFERRED QUALIFICATIONS * Experience conducting offensive security in fintech, financial services, or other highly regulated environments * Background in vulnerability research, exploit development, or CVE discovery * Experience collaborating with threat intelligence, detection engineering, or incident response teams (purple team operations) * Familiarity with big data and log analysis tools (Splunk, Databricks, PySpark, osquery, etc.) for threat hunting or investigative support * Proficiency with AI/LLM-assisted development tools (e.g., Claude Code, Cursor, GitHub Copilot) and experience applying them to offensive security workflows * Interest or experience in agentic automation — using LLMs or autonomous agents to augment reconnaissance, vulnerability discovery, or exploitation workflows * Experience testing AI/ML systems or LLM-based applications for security weaknesses (prompt injection, training data extraction, model manipulation, etc.) * Contributions to open-source security tools, published research, blog posts, or conference presentations * Relevant certifications such as OSCP, OSWE, OSEP, OSED, CRTO, CPTS, PNPT, GXPN, or cloud security certifications
WHO WE ARE ABOUT STRIPE Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world's largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career. ABOUT THE TEAM In this role, you'd join Stripe's Security Analytics Infrastructure team. Our mission is to enable Stripe's detection and response by generating, centralizing, and organizing security data through simple, reliable pipelines and providing a platform of core security systems. We also undertake experimental, bespoke projects that close Stripe‑specific security gaps and accelerate outcomes for our partner teams. WHAT YOU'LL DO As a Software Engineer on this team, you'll use your blend of security and software engineering expertise to build and support our key services including a SIEM, SOAR, endpoint detection and response, server observability, threat intel platform, and AI infrastructure. You'll work closely with partner teams working in multiple program areas of cyber defense, including cyber intelligence, threat detection, vulnerability management, secure devices, and compliance. Overall, you'll help ensure that we have the right data in the right place at the right time for our users. RESPONSIBILITIES • Build and maintain services and dataflows related to our security analytics platform • Collaborate with other teams to drive improvements to processes our platform supports • Continuously improve our security posture, processes, and tools WHO YOU ARE We're looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement. MINIMUM REQUIREMENTS • 5+ years software engineering experience in a high-stakes production environment • Significant experience in applying software engineering in the cybersecurity field • Experience in applying AI tooling in this space (e.g. Claude Code, agent-based approaches, etc.) • Empathy, strong communication skills, and a deep respect for the power of collaboration • Excellent problem-solving skills and attention to detail • High standards for code quality and a constructive attitude to help others raise the bar PREFERRED QUALIFICATIONS • Go and Python experience • An ability to think creatively and holistically about reducing risk in a complex environment • Previous experience in a regulated industry (e.g., financial services, healthcare)