Cloud Security Engineer

Who we areAbout StripeStripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.About The TeamStripe powers businesses all over the world. We process payments, run marketplaces, detect fraud, help entrepreneurs start a business from anywhere in the world, build world-class developer-friendly APIs, and more. Nearly every system we operate interacts with sensitive financial or personal data — making security a top priority for Stripe.Stripe will succeed at our mission of increasing the GDP of the internet only if we prove ourselves worthy of our users’ trust. As an engineer on the Security team, you will design and develop frameworks, systems, and solutions to ensure the security of Stripe’s engineering infrastructure and, most importantly, privacy of our users’ data.The Cloud Security team accelerates Stripe’s business priorities by building core security controls and services that empower teams to build quickly and securely on top of a well-governed cloud platform and partnering with infrastructure teams to advance select critical business priorities using novel infrastructure or integrations as that platform expands.What will you do?Design, build, and operate the core security infrastructure used by all of Stripe’s engineering teams in close collaboration with other stakeholders and our users.Uphold our high engineering standards and bring consistency to the many codebases and processes you will encounterContribute to team learning by improving engineering standards, tooling, and processesDesign and build durable solutions that will advance Stripe’s security beyond the state of the art.Help expand Stripe’s cloud footprint on top of secure, paved roads and guardrailsOptimize for security controls that have delightful user experiencesPartner closely with infrastructure and engineering teams building integrations with our cloud infrastructure or adopting new cloud managed servicesMake impactful decisions about systems and security — their edge cases, failure modes, and life cyclesUse data to determine appropriate baselines against which to measure securityDefine infrastructure that reliably feeds signals to threat teamsEvaluate and prototype new security tools and practicesYou may work onDesigning and implementing controls that support security invariants and enforce our security principles while providing a surprisingly great user experienceProviding a migration path for newly acquired companies onto the Stripe Secure Platform, embedding with their engineers and biasing for actionCI tooling for platform-related configuration: IAM roles, SCPs, and associated componentsGuardrails and security controls for both commonly used and newer cloud technologiesExpanding our cloud identity infrastructure to provide paved paths for AI and agentic accessAutomation tooling for continually driving down permissions and access across our cloud servicesMinimum RequirementsEmpathy, strong communication skills and a deep respect for the power of collaborationA learning mindset, regardless of level or experienceThe ability to drive clear next steps when encountering ambiguous spaces without clear lines of ownershipHigh standards for code quality and a constructive attitude to help others raise the barSoftware engineering experience in a high-stakes production environmentA knack for considering how systems can fail and how to fix themAn ability to think creatively and holistically about reducing risk in a complex environmentExperience with security on one or more of AWS, Azure, or GCPPreferred QualificationsExperience conducting threat modeling of software or infrastructure in cloud native environmentsExperience with Linux systems, Kubernetes, and/or container-based platformsPrior usage of security monitoring tools (e.g., CSPM, CNAAP)Experience in a multi-cloud, or complex, cloud environmentA knack for considering how systems can fail and how to fix them An ability to think creatively and holistically about reducing risk in a complex environmentHybrid work at StripeThis role is available either in an office or a remote location (35+ miles or 56+ km from a Stripe office).In-office expectationsOffice-assigned Stripes spend at least 50% of the time in a given month in their local office or with users. This hits a balance between bringing people together for in-person collaboration and learning from each other, while supporting flexibility about how to do this in a way that makes sense for individuals and their teams.Working remotely at StripeA remote location is defined as being 35 miles (56 kilometers) or more from one of our offices. While you would be welcome to come into the office for team/business meetings, on-sites, meet-ups, and events, our expectation is you would regularly work from home rather than a Stripe office. Stripe does not cover the cost of relocating to a remote location. We encourage you to apply for roles that match the location where you currently live or plan to live.Pay and benefitsThe annual US base salary range for this role is $158,800 - $238,200. For sales roles, the range provided is the role’s On Target Earnings ("OTE") range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role. This salary range may be inclusive of several career levels at Stripe and will be narrowed during the interview process based on a number of factors, including the candidate’s experience, qualifications, and location. Applicants interested in this role and who are not located in the US may request the annual salary range for their location during the interview process.Additional benefits for this role may include: equity, company bonus or sales commissions/bonuses; 401(k) plan; medical, dental, and vision benefits; and wellness stipends.Hybrid work at StripeThis role is available either in an office or a remote location (35+ miles or 56+ km from a Stripe office).In-office expectationsOffice-assigned Stripes spend at least 50% of the time in a given month in their local office or with users. This hits a balance between bringing people together for in-person collaboration and learning from each other, while supporting flexibility about how to do this in a way that makes sense for individuals and their teams.Working remotely at StripeA remote location is defined as being 35 miles (56 kilometers) or more from one of our offices. While you would be welcome to come into the office for team/business meetings, on-sites, meet-ups, and events, our expectation is you would regularly work from home rather than a Stripe office. Stripe does not cover the cost of relocating to a remote location. We encourage you to apply for roles that match the location where you currently live or plan to live.