Security Engineer

Summary

Join Stripe's Security Partnership team and help build secure-by-design products. Collaborate with product teams and security engineering to review early-stage designs, develop threat models, and scale impact through automation. You will curate security patterns, author security guidance and training, and champion security initiatives. The role involves working with various teams on critical initiatives, including secure AI and LLM usage, payment processing improvements, and enhancing automated threat modeling tooling. You will also help reduce security debt across Stripe's product portfolio. This position requires strong collaboration, communication, and a proactive approach to problem-solving.

Requirements

• 5+ years of experience in security
• Empathy, strong communication skills and a deep respect for the power of collaboration
• A learning mindset, regardless of level or experience
• The ability to drive clear next steps when encountering ambiguous spaces without clear lines of ownership
• An ability to think creatively and holistically about reducing risk in a complex environment
• Breadth of applied knowledge across application and infrastructure security
• Demonstrated experience securing applications in a cloud environment
• Experience with containerization and orchestration technologies such as Docker and Kubernetes
• The ability to think like an attacker, develop threat models and help teams reason through different approaches to reducing security risk
• A desire to sub-linearly scale security through simple design, abstraction and education

Responsibilities

• Work closely with product engineering teams to design solutions that are secure by default
• Be a security subject matter expert and able to tailor answers to security questions from non-engineers and engineers, alike
• Lead threat modeling discussions and help teams strike the right balance between security, user experience and product advancement
• Scale security effort by empowering engineering teams with automation, security guidance, tooling, patterns and training
• Drive high impact, cross-team security initiatives
• Develop a deep understanding of Stripe’s security primitives, frameworks, and invariants
• Mentor teammates and others across the organization

Preferred Qualifications

• Software engineering experience in a production environment
• Mobile security experience (native apps and mobile SDKs - nice-to-have )