Software Engineer, Cloud Security
Remote, North America
Stripe
Stripe powers online and in-person payment processing and financial solutions for businesses of all sizes. Accept payments, send payouts, and automate financial processes with a suite of APIs and no-code tools.Stripe powers businesses all over the world. We process payments, run marketplaces, detect fraud, help entrepreneurs start a business from anywhere in the world, build world-class developer-friendly APIs, and more. Nearly every system we operate interacts with sensitive financial or personal data — making security a top priority for Stripe.
Stripe will succeed at our mission of increasing the GDP of the internet only if we prove ourselves worthy of our users’ trust. As an engineer on the Security team, you will design and develop frameworks, systems, and solutions to ensure the security of Stripe’s engineering infrastructure and, most importantly, privacy of our users’ data.
The Cloud Security team defines security primitives and guardrails to allow our colleagues to quickly and confidently build for Stripe’s users. Our scope includes cloud security architecture, data-driven definition of security baselines, centralized controls, and strategic direction of security efforts for our cloud environment.
You will:
- Design, build, and operate the core security infrastructure used by all of Stripe’s engineering teams in close collaboration with other stakeholders and our users.
- Uphold our high engineering standards and bring consistency to the many codebases and processes you will encounter
- Contribute to team learning by improving engineering standards, tooling, and processes
- Design and build durable solutions that will advance Stripe’s security beyond the state of the art.
- Optimize for security controls that have delightful user experiences.
- Make impactful decisions about systems and security — their edge cases, failure modes, and life cycles
- Use data to determine appropriate baselines against which to measure security
- Define infrastructure that reliably feeds signals to threat teams
- Evaluate and prototype new security tools and practices
We’re looking for someone who has:
- Empathy, strong communication skills and a deep respect for the power of collaboration
- A learning mindset, regardless of level or experience
- The ability to drive clear next steps when encountering ambiguous spaces without clear lines of ownership
- High standards for code quality and a constructive attitude to help others raise the bar
- Software engineering experience in a high-stakes production environment
- A knack for considering how systems can fail and how to fix them
- An ability to think creatively and holistically about reducing risk in a complex environment
- Deep experience with security on AWS or other cloud providers
You may work on:
- Designing and implementing controls that support security invariants and enforce our security principles while providing a surprisingly great user experience
- Cloud control plane proxy systems which guarantee that the access to raw cloud interfaces comprise the Stripe Secure Platform are performed through safe and secure interfaces
- Providing a migration path for newly acquired companies onto the Stripe Secure Platform
- CI tooling for platform-related configuration: IAM roles, SCPs, and associated components
- Ensuring all cloud infrastructure is defined in code and strict change management is in place
- Guardrails and security controls for commonly used and newer cloud technologies
Tags: APIs AWS Cloud IAM Privacy
Perks/benefits: Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open EDR-related jobs