Join the Base10 family

Open opportunities with founders believing purpose is key
to profits and companies solving problems for the 99%

Security Engineer, Threat Detection

Stripe

Stripe

United States · Remote
Posted on Friday, April 26, 2024

Who we are

About Stripe

Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.

About the Team

The Threat Detection Team at Stripe represents a fusion of offensive and defensive cybersecurity expertise. We focus on both simulating real-world cyber attacks and developing resilient defenses. Our team, operating across US time zones, works closely with global stakeholders, ensuring our impact is broad and meaningful.

What You'll Do

As a Threat Detection Team Engineer, you'll play a dual role in both attacking and defending Stripe's digital assets. You will execute advanced adversary simulations, assess the resilience of our networks, systems, and applications, and use your findings to enhance our defensive strategies. Collaborating with internal teams and external partners, you will play a vital role in enhancing our offensive and defensive security posture and staying ahead of emerging threats. Your dedication to continuous improvement and alignment with organizational goals will contribute to the overall effectiveness of our detection team operations. Join us in our mission to safeguard our organization and stakeholders from evolving cyber risks.

Responsibilities

  • Execute sophisticated adversary simulation exercises that mimic real-world attacks, focusing on high-performance computing and storage environments.
  • Develop and maintain a comprehensive library of threat actor profiles and simulation scenarios to evaluate and improve security controls and incident response plans.
  • Integrate findings from adversary simulations into security strategies, enhancing the organization's overall defensive posture.
  • Document and effectively communicate the outcomes of simulation exercises to a broad audience, providing actionable insights and recommendations.
  • Collaborate with cybersecurity and other cross-functional teams to refine security policies and procedures, fortifying defenses based on simulation feedback.
  • Design, build, and use custom tools and scripts to automate and enrich adversary simulation activities, ensuring they remain cutting-edge and impactful.
  • Stay informed about the latest cybersecurity trends and advancements, ensuring our adversary simulation practices are current and effective.
  • Train and mentor cybersecurity team members in adversary simulation techniques and strategies, fostering a culture of continuous learning and skill enhancement.
  • Work closely with software development teams, ensuring security measures are an integral part of the software development lifecycle.

Who You Are

We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.

Minimum Requirements

  • 5+ years of experience in cybersecurity, with demonstrated expertise in both offensive and defensive tactics.
  • Bachelor's degree in Cybersecurity, Computer Science, or related field.
  • Experience in conducting advanced penetration tests, adversary simulations, and vulnerability assessments.
  • Deep understanding of the cyber threat landscape, including advanced attack vectors and countermeasures.
  • Proficiency in using cybersecurity tools and technologies for attack simulation and defense, including custom tool and script development.

Preferred Qualifications

  • Excellent communication skills, capable of effectively conveying complex security issues to diverse audiences.
  • Experience collaborating with cross-functional teams and contributing to policy and procedure development.
  • Familiarity with industry standards and regulations related to cybersecurity.
  • A passion for continuous learning and staying updated on the latest cybersecurity developments.
  • Join Stripe's Threat Detection Team to shape and protect the future of global financial infrastructure in an environment where your work is impactful and valued.
A remote location, in most cases, is defined as being 35 miles (56 kilometers) or more from one of our offices. While you would be welcome to come into the office for team/business meetings, on-sites, meet-ups, and events, our expectation is you would regularly work from home rather than a Stripe office. Stripe does not cover the cost of relocating to a remote location. We encourage you to apply for roles that match the location where you currently or plan to live.

The annual US base salary range for this role is $136,800 - $205,200. For sales roles, the range provided is the role’s On Target Earnings ("OTE") range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role. This salary range may be inclusive of several career levels at Stripe and will be narrowed during the interview process based on a number of factors, including the candidate’s experience, qualifications, and location. Applicants interested in this role and who are not located in the US may request the annual salary range for their location during the interview process.

Additional benefits for this role may include: equity, company bonus or sales commissions/bonuses; 401(k) plan; medical, dental, and vision benefits; and wellness stipends.

Remote locations

Remote in United States

Team

Security

Job type

Full time