Software Engineer, Cloud Security

About the position

Stripe is a financial infrastructure platform for businesses. Millions of companies - from the world's largest enterprises to the most ambitious startups - use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career. The Cloud Security team defines security primitives and guardrails to allow our colleagues to quickly and confidently build for Stripe's users. Our scope includes cloud security architecture, data-driven definition of security baselines, centralized controls, and strategic direction of security efforts for our cloud environment.

Responsibilities

• Design, build, and operate the core security infrastructure used by all of Stripe's engineering teams in close collaboration with other stakeholders and our users.
• Uphold our high engineering standards and bring consistency to the many codebases and processes you will encounter.
• Contribute to team learning by improving engineering standards, tooling, and processes.
• Design and build durable solutions that will advance Stripe's security beyond the state of the art.
• Optimize for security controls that have delightful user experiences.
• Make impactful decisions about systems and security - their edge cases, failure modes, and life cycles.
• Use data to determine appropriate baselines against which to measure security.
• Define infrastructure that reliably feeds signals to threat teams.
• Evaluate and prototype new security tools and practices.

Requirements

• High standards for code quality and a constructive attitude to help others raise the bar.
• Software engineering experience in a high-stakes production environment.
• A knack for considering how systems can fail and how to fix them.
• An ability to think creatively and holistically about reducing risk in a complex environment.
• Deep experience with security on one, or more of, AWS, Azure, or GCP.

Nice-to-haves

• Experience conducting threat modeling of software or infrastructure in cloud native environments.
• Prior usage of security monitoring tools (e.g., CSPM, CNAAP).
• Experience in a multi-cloud, or complex, cloud environment.

Benefits

• Equity
• Company bonus or sales commissions/bonuses
• 401(k) plan
• Medical, dental, and vision benefits
• Wellness stipends