Remote in North America only

Full time

Security

Staff Engineer, Offensive Security

Help secure Stripe, our users, and the internet

Remote in North America only

Full time

Security

Staff Engineers at Stripe leverage their problem solving and leadership skills to enable us to build software and systems that are critical to the long-term success of Stripe and our users. We’ve been trusted with some of their most sensitive information, and we make security a first-class consideration in everything we do.

We have a high security bar and this team will play a critical role in ensuring our existing and future products meet that bar. Security Exercises will be responsible for developing internal penetration tests to validate if security controls work, guide remediation efforts, and accelerate Stripe towards world class security. As a foundational technical resource, this engineer will be pivotal in defining how the team and its capabilities are scaled and leveraged. 

We’re looking for people with experience pushing security measures to their limits and an ability to think like an attacker, without shedding empathy. If you enjoy tackling dynamic challenges, have an eye for details and an enthusiasm for problem solving, we’d love to talk.

You will:

  • Develop credible hypotheses of potential attacks and vulnerabilities that present security flaws of a technical, rather than human nature
  • Lead Stripe’s engineering organization through frequent security exercises
  • Develop and deploy exploit tooling on the fly as needed to test defenses. The ideal candidate has authored industry attacker toolkit components
  • Build and publish robust documentation that allows for remediation that is both realistic and scalable
  • Introduce security standards that are enforced through empathetic guidance
  • Leverage metrics to drive the understanding of our capabilities as a security organization, as well as influence how we interpret said data

You may be additive to our team if you:

  • Have high empathy and low ego You have 7 or more years of experience of offensive security engineering in a web scale environment
  • Take delight in solving hard problems, and helping others do the same in an environment of increasing pace and scale
  • Have experience in offensive security, thinking like a hacker in both a conventional and future sense
  • Enjoy collaborating with and steering the technical understanding of large organizations
  • You’re a talent magnet and team builder; you know how to grow a security practice and those around you
  • High standards for security and a constructive attitude

At Stripe, we're looking for people with passion, grit, and integrity. You're encouraged to apply even if your experience doesn't precisely match the job description. Your skills and passion will stand out—and set you apart—especially if your career has taken some extraordinary twists and turns. At Stripe, we welcome diverse perspectives and people who think rigorously and aren't afraid to challenge assumptions. Join us.

#LI-AR6