Software Engineer, Cloud Security

Stripe powers businesses all over the world. We process payments, run marketplaces, detect fraud, help entrepreneurs start a business from anywhere in the world, build world-class developer-friendly APIs, and more. Nearly every system we operate interacts with sensitive financial or personal data — making security a top priority for Stripe.

Stripe will succeed at our mission of increasing the GDP of the internet only if we prove ourselves worthy of our users’ trust. As an engineer on the Security team, you will design and develop frameworks, systems, and solutions to ensure the security of Stripe’s engineering infrastructure and, most importantly, privacy of our users’ data.

The Cloud Security team defines security primitives and guardrails to allow our colleagues to quickly and confidently build for Stripe’s users. Our scope includes cloud security architecture, data-driven definition of security baselines, centralized controls, and strategic direction of security efforts for our cloud environment.

You will:

• Design, build, and operate the core security infrastructure used by all of Stripe’s engineering teams in close collaboration with other stakeholders and our users.
• Uphold our high engineering standards and bring consistency to the many codebases and processes you will encounter
• Contribute to team learning by improving engineering standards, tooling, and processes
• Design and build durable solutions that will advance Stripe’s security beyond the state of the art.
• Optimize for security controls that have delightful user experiences.
• Make impactful decisions about systems and security — their edge cases, failure modes, and life cycles
• Use data to determine appropriate baselines against which to measure security
• Define infrastructure that reliably feeds signals to threat teams
• Evaluate and prototype new security tools and practices

We’re looking for someone who has:

• Empathy, strong communication skills and a deep respect for the power of collaboration
• A learning mindset, regardless of level or experience
• The ability to drive clear next steps when encountering ambiguous spaces without clear lines of ownership
• High standards for code quality and a constructive attitude to help others raise the bar
• Software engineering experience in a high-stakes production environment
• A knack for considering how systems can fail and how to fix them
• An ability to think creatively and holistically about reducing risk in a complex environment
• Deep experience with security on AWS or other cloud providers

You may work on:

• Designing and implementing controls that support security invariants and enforce our security principles while providing a surprisingly great user experience
• Cloud control plane proxy systems which guarantee that the access to raw cloud interfaces comprise the Stripe Secure Platform are performed through safe and secure interfaces
• Providing a migration path for newly acquired companies onto the Stripe Secure Platform
• CI tooling for platform-related configuration: IAM roles, SCPs, and associated components
• Ensuring all cloud infrastructure is defined in code and strict change management is in place
• Guardrails and security controls for commonly used and newer cloud technologies