Offensive Security Engineer
Stripe
πRemote - United States
Please let Stripe know you found this job on JobsCollider. Thanks! π
Job highlights
Summary
Join the Attacker Engineering team at Stripe to perform offensive security assessments and penetration testing. You'll uncover security weaknesses within Stripe by simulating real-world adversaries' tactics, techniques, and procedures. As a key member of the team, you'll work closely with other members to identify and mitigate security risks and vulnerabilities.
Requirements
- 5+ years experience in offensive security or related field
- B.S. or M.S. Computer Science or related field, or equivalent experience
- Proven knowledge of web application security, including vulnerabilities such as OWASP Top10
- Experience with cloud computing platforms such as AWS, Azure, or Google Cloud Platform
- Knowledge of Python and SQL, and familiarity with other programming languages
- Ability to analyze and interpret application logs to identify and investigate potential security incidents
- Excellent written and verbal communication skills, including the ability to produce clear and concise reports
- Ability to think creatively and holistically about identifying risk in a complex environment
Responsibilities
- Conduct complex offensive security assessments across a variety of environments, including on-premise, cloud, and mobile applications
- Develop scripts and tools to automate offensive security assessments
- Provide technical expertise in areas such as network protocols, operating systems, and web application security
- Work closely with other members of the Stripe security team to identify and mitigate security risks and vulnerabilities
- Lead offensive security projects and mentor junior team members
- Produce clear and concise reports testing plans, engagement models, findings, risks, and recommendations for remediation
- Keep up-to-date with the latest security threats, vulnerabilities, and attack methods
- Act as the subject-matter expert and primary contact for stakeholder teams invested in offensive security programs and Stripe-wide security initiatives
- Collaborate effectively with teammates, leading projects, mentoring others, and developing and championing quality standards within the team
Preferred Qualifications
- Experience in conducting offensive security activities in the fintech or financial sectors
- An adversarial mindset, understanding the goals, behaviors, and TTPs of threat actors
- Experience partnering with threat intelligence and incident response teams to perform log analysis, digital forensics, and incident response investigations
- Experience with engineering, data processing and analysis tools (e.g. Databricks, Trino, etc.)
- Familiarity with common open-source frameworks for big data processing and/or data science (PySpark, Pandas, Sci-kit Learn, etc.)
- Experience with tactical threat intelligence and/or hunting for sophisticated threat actors in an enterprise environment
- Familiarity with network observability, security software, or data engineering solutions (osquery, Splunk, etc.)
Share this job:
Disclaimer: Please check that the job is real before you apply. Applying might take you to another website that we don't own. Please be aware that any actions taken during the application process are solely your responsibility, and we bear no responsibility for any outcomes.
Similar Remote Jobs
- π°$120k-$175kπUnited States, Canada
- π°$120k-$175kπUnited States, Canada
- πUnited States, Canada
- πUnited States
- πUnited States, Canada
- πUnited States, Canada
- πUnited States, Canada
- πUnited States
- πBrazil, Uruguay
Please let Stripe know you found this job on JobsCollider. Thanks! π