Stripe is hiring a
Incident Response Manager

Summary

Join Stripe's Security Incident Response team to analyze, investigate, and respond to threats before they impact the business or users. As a security engineer, you will improve incident response capabilities, manage and coordinate the entire incident response process, and act as incident commander.

Requirements

• 5+ years experience in leading Security Incident Response
• B.S. or M.S. Computer Science or related field, or equivalent experience
• Expert knowledge of Python and SQL, and familiarity with other programming languages
• Existing experience with log analysis (e.g. first or third party applications, system / data access, event logs), network security, digital forensics, and incident response investigations
• Hands-on experience in analyzing and responding to security events, such as conducting log analysis, developing queries and analytics, troubleshooting security issues, and correlating complex data sets
• Proficiency with developing and using novel analytical methods to automate response processes
• Excellent written and verbal communication skills, proactive in informing stakeholders, and ability to operate with little oversight
• Ability to identify trends, insights, and relationships between internal and external data and intelligence sources to make risk mitigation recommendations

Responsibilities

• Lead and coordinate security incident response activities and workstreams as the incident response manager (IRM)
• Analyze and investigate a broad range of threats or activities occurring on client devices, maintaining a high level of confidentiality and documenting incident details accordingly
• Make decisions and recommendations based on the results of incident analysis and communicate the appropriate context to stakeholders
• Develop, document, and implement strategies, runbooks, capabilities, and techniques for incident response
• Work cross-functionally with security engineering and data science teams to build solutions for analyzing security events data at scale
• Strengthen KPIs and metrics for measuring response effectiveness and provide clear and consistent reporting to internal stakeholders
• Continuously improve security processes and response capabilities by building relationships with key stakeholders
• Mentor and develop other teammates, championing quality standards within the team

Preferred Qualifications

• Broad knowledge and experience across the information security domain
• Experience with engineering, data processing and analysis tools (e.g. Databricks, Trino, etc.)
• Familiarity with network observability, security software, or data engineering solutions (Chronicle, osquery, Splunk, etc.)