San Francisco

Full time

Security

Security Ecosystem Analyst

Our goal is to make Stripe secure for our users. 

San Francisco

Full time

Security

The Stripe security team is dedicated to improving the security of Stripe and its users. Our users trust us with some of their most sensitive information, and we make security a first-class consideration in everything we do. The security concerns are ever-evolving, creating an extremely dynamic environment for the security team.

You may be a fit for this role if you have:

  • Have hands-on experience evaluating, implementing, and managing, information management, asset management, data classification, and vulnerability resolution tooling
  • Experience managing and conducting audit readiness assessments within AWS (or similar) cloud security and infrastructure
  • Expert with assessing the configuration and implementation of security tools, related to network security,  endpoint security, encryption technology, vulnerability scans, access controls, etc.
  • Experience with PCI and SOC compliance programs as well as their technical and security requirements
  • Experience in security standards such as ISO 27001, 27002, 27005; NIST, COBIT, ITIL

You Will:

  • Prepare for, conduct, and report on external and internal audits, ensuring overall adherence to policy standards
  • Conduct technical and information security activities i.e security education; document and material classification and control and records management.
  • Maintain and enhance compliance to customer security requirements
  • Conduct and lead internal assessment for the contact center, covering all aspects of customer requirements and at the expected periodicity.
  • Coordinate and support internal and external stakeholders with closures of corrective action plan with in the customer defined timelines
  • Gather customer requirements/contractual obligations and ensure compliance
  • Oversee Stripe’s security awareness program including Security assessment and ongoing education
  • Coordinate across internal and external stakeholders to ensure compliance with formal security standards (PCI, SOC, etc,) and timelines

 

At Stripe, we're looking for people with passion, grit, and integrity. You're encouraged to apply even if your experience doesn't precisely match the job description. Your skills and passion will stand out—and set you apart—especially if your career has taken some extraordinary twists and turns. At Stripe, we welcome diverse perspectives and people who think rigorously and aren't afraid to challenge assumptions. Join us.

#LI-CW1