Security Infrastructure Engineer, Secure Devices

Who we are

About Stripe

Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.

About the team

Secure Devices is responsible for ensuring that every client endpoint at Stripe adheres to our rigorous security standards. Our services play a crucial role in detecting and preventing data loss, restricting software execution to only approved software, and providing attestation capabilities to securely manage device identities. We operate both on-device and backend services across multiple platform types. Our users-first approach ensures that we’re empowering Stripes to be as productive as possible while protecting user data. 

What you’ll do

As a software engineer on Secure Devices, you will work at the intersection of software development, security, and client platform engineering. You will work with teams across Security and Corporate Engineering to drive strategic projects to better secure Stripe endpoints, build infrastructure for supporting new platforms, and operate services critical to securing over 10,000 Stripe devices.

Responsibilities

  • Build and maintain a users-first data loss prevention program to protect against accidental and malicious data exfiltration.
  • Design, build and maintain Stripe’s endpoint security software. This includes developing telemetry and prevention capabilities via macOS system extensions that run on all Stripe macOS devices.
  • Collaborate closely with partner teams to define and measure the secure configuration of Stripe’s client platforms.
  • Operate backend services providing critical controls and security configuration to Stripe endpoints.
  • Drive down usage of unapproved, untrusted software while creating a surprisingly great user experience for onboarding new, approved software. 
  • Manage and improve device attestation flows to ensure Stripe’s device and user identities are kept secure.

Who you are

We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.

Minimum requirements

  • Empathy, strong communication skills and a deep respect for the power of collaboration
  • The ability to drive clear next steps when encountering ambiguous spaces without clear lines of ownership
  • High standards for code quality and a constructive attitude to help others raise the bar
  • Software engineering experience in a high-stakes production environment
  • An ability to think creatively and holistically about reducing risk in a complex environment
  • Experience building and operating security sensitive services

Preferred qualifications

  • Experience securing macOS endpoints, preferably through the development of system and network extensions
  • Exposure to data loss prevention tooling and strategies
  • Ability to develop backend networked applications capable of handling a high number of RPS
  • General proficiency in securing client devices
  • Understanding of topics such as platform hardening, malware detection, and endpoint management through configuration as code.

  • Understanding of networking protocols across various levels of the stack

  • TCP, DNS, SSH, TLS, HTTP
    ^

  • Linux system administration knowledge

  • Additional experience securing alternative platforms including Windows, Android, or iOS devices

Working remotely at Stripe

A remote location, in most cases, is defined as being 35 miles (56 kilometers) or more from one of our offices. While you would be welcome to come into the office for team/business meetings, on-sites, meet-ups, and events, our expectation is you would regularly work from home rather than a Stripe office. Stripe does not cover the cost of relocating to a remote location. We encourage you to apply for roles that match the location where you currently or plan to live.

Pay and benefits

The annual US base salary range for this role is $136,800 - $205,200. For sales roles, the range provided is the role’s On Target Earnings ("OTE") range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role. This salary range may be inclusive of several career levels at Stripe and will be narrowed during the interview process based on a number of factors, including the candidate’s experience, qualifications, and location. Applicants interested in this role and who are not located in the US may request the annual salary range for their location during the interview process.

Additional benefits for this role may include: equity, company bonus or sales commissions/bonuses; 401(k) plan; medical, dental, and vision benefits; and wellness stipends.

Remote locations

Remote in United States

Team

Security

Job type

Full time

Please find our California applicant personal information notice here.

We look forward to hearing from you

At Stripe, we're looking for people with passion, grit, and integrity. You're encouraged to apply even if your experience doesn't precisely match the job description. Your skills and passion will stand out—and set you apart—especially if your career has taken some extraordinary twists and turns. At Stripe, we welcome diverse perspectives and people who think rigorously and aren't afraid to challenge assumptions. Join us.