Remote Security Engineer, Threat Detection

Summary

Join Stripe's Threat Detection Team to play a dual role in both attacking and defending Stripe's digital assets, executing advanced adversary simulations, assessing resilience, and enhancing defensive strategies.

Requirements

• 5+ years of experience in cybersecurity, with demonstrated expertise in both offensive and defensive tactics
• Bachelor's degree in Cybersecurity, Computer Science, or related field
• Experience in conducting advanced penetration tests, adversary simulations, and vulnerability assessments
• Deep understanding of the cyber threat landscape, including advanced attack vectors and countermeasures
• Proficiency in using cybersecurity tools and technologies for attack simulation and defense, including custom tool and script development

Responsibilities

• Execute sophisticated adversary simulation exercises that mimic real-world attacks, focusing on high-performance computing and storage environments
• Develop and maintain a comprehensive library of threat actor profiles and simulation scenarios to evaluate and improve security controls and incident response plans
• Integrate findings from adversary simulations into security strategies, enhancing the organization's overall defensive posture
• Document and effectively communicate the outcomes of simulation exercises to a broad audience, providing actionable insights and recommendations
• Collaborate with cybersecurity and other cross-functional teams to refine security policies and procedures, fortifying defenses based on simulation feedback
• Design, build, and use custom tools and scripts to automate and enrich adversary simulation activities, ensuring they remain cutting-edge and impactful
• Stay informed about the latest cybersecurity trends and advancements, ensuring our adversary simulation practices are current and effective
• Train and mentor cybersecurity team members in adversary simulation techniques and strategies, fostering a culture of continuous learning and skill enhancement
• Work closely with software development teams, ensuring security measures are an integral part of the software development lifecycle

Preferred Qualifications

• Excellent communication skills, capable of effectively conveying complex security issues to diverse audiences
• Experience collaborating with cross-functional teams and contributing to policy and procedure development
• Familiarity with industry standards and regulations related to cybersecurity
• A passion for continuous learning and staying updated on the latest cybersecurity developments