Staff Application Security Engineer, M&A Security
Remote, North America
Stripe
Stripe powers online and in-person payment processing and financial solutions for businesses of all sizes. Accept payments, send payouts, and automate financial processes with a suite of APIs and no-code tools.Staff Application Security Engineers leverage their technical knowledge and leadership skills to enable development teams to move quickly without compromising on security. We influence security through partnerships and our ability to leverage expert guidance across Stripe's product teams.
As part of our M&A strategy Stripe believes it’s critical to evaluate each company’s secure design decisions, systems architecture and coding practices. During evaluation, the M&A security team Identifies, assesses, mitigates, and reports on information security and design risks. Post acquisition, we partner with the acquired company’s engineering teams to help them develop a consistent security roadmap that aligns well with Stripe’s technology expectations. Stripe’s strategic investments support our broader mission of expanding the GDP of the internet. We’re looking for seasoned Application Security engineers with 5+ years of relevant M&A and security experience to come help build our M&A security team.
Integrating an acquired company is hard, important work and is often the biggest determinant of whether an acquisition is ultimately successful. Security remains one of Stripe’s priorities. We believe that in order to maintain the highest degree of security for our Users we must ensure all investments adopt our common technology stack and the security protections it affords. We are looking for someone to scale appsec as a practice for our acquired companies, ensuring they follow rigorous security standards in their products.
**With the M&A Security team you will:**
* Work with engineering teams to design solutions that are inherently secure
* Be a security subject matter expert and answer security questions
* Lead threat modeling discussions and enable teams to balance competing interests
* Lead security initiatives for companies that Stripe acquires
* Scale security effort by empowering engineering teams with guidance, patterns and training
* Develop a deep understanding of Stripe's code base and set standards for incoming ecosystems
**You may be additive to our team if:**
* You have low ego and a high degree of empathy
* You have strong communication skills, including developing and evangelizing written and technical or architectural documentation on an organizational level
* You have a breadth of applied knowledge within Application Security, specifically in the areas of Threat Modeling. and Security Review
* You have an ability to understand risk within a highly regulated, dynamic, and rapidly growing environment. Moreover, you're able to up-level the ability for your engineering partners to do the same
* You have played a critical role in implementing application security standards within the context of multiple mergers and acquisitions
* You think about web security as an architect, and know how to position a growing AppSec practice within a faster growing company
* You have a desire to scale security through simple design, abstraction and education
Tags: Application security Strategy
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Security Analyst jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open DevSecOps-related jobs