Cloud Security Engineer

Who we are

About Stripe

Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world's largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.

About the team

Stripe powers businesses all over the world. We process payments, run marketplaces, detect fraud, help entrepreneurs start a business from anywhere in the world, build world-class developer-friendly APIs, and more. Nearly every system we operate interacts with sensitive financial or personal data—making security a top priority for Stripe.

Stripe will succeed at our mission of increasing the GDP of the internet only if we prove ourselves worthy of our users' trust. As an engineer on the Security team, you'll design and develop frameworks, systems, and solutions to ensure the security of Stripe's engineering infrastructure and, most importantly, privacy of our users' data.

The Cloud Security team accelerates Stripe's business priorities by building core security controls and services that empower teams to build quickly and securely on top of a well-governed cloud platform and partnering with infrastructure teams to advance select critical business priorities using novel infrastructure or integrations as that platform expands.

What you'll do

Responsibilities

• Design, build, and operate the core security infrastructure used by all of Stripe's engineering teams in close collaboration with other stakeholders and our users
• Uphold our high engineering standards and bring consistency to the many codebases and processes you'll encounter
• Contribute to team learning by improving engineering standards, tooling, and processes
• Design and build durable solutions that will advance Stripe's security beyond the state of the art
• Help expand Stripe's cloud footprint on top of secure, paved roads and guardrails
• Optimize for security controls that have delightful user experiences
• Partner closely with infrastructure and engineering teams building integrations with our cloud infrastructure or adopting new cloud managed services
• Make impactful decisions about systems and security—their edge cases, failure modes, and life cycles
• Use data to determine appropriate baselines against which to measure security
• Define infrastructure that reliably feeds signals to threat teams
• Evaluate and prototype new security tools and practices

You may work on

• Designing and implementing controls that support security invariants and enforce our security principles while providing a surprisingly great user experience
• Providing a migration path for newly acquired companies onto the Stripe Secure Platform, embedding with their engineers and biasing for action
• CI tooling for platform-related configuration, including IAM roles, SCPs, and associated components
• Guardrails and security controls for both commonly used and newer cloud technologies
• Expanding our cloud identity infrastructure to provide paved paths for AI and agentic access
• Automation tooling for continually driving down permissions and access across our cloud services

Who you are

Minimum requirements

• Empathy, strong communication skills, and a deep respect for the power of collaboration
• A learning mindset, regardless of level or experience
• The ability to drive clear next steps when encountering ambiguous spaces without clear lines of ownership
• High standards for code quality and a constructive attitude to help others raise the bar
• Software engineering experience in a high-stakes production environment
• A knack for considering how systems can fail and how to fix them
• An ability to think creatively and holistically about reducing risk in a complex environment
• Experience with security on one or more of AWS, Azure, or GCP

Preferred qualifications

• Experience conducting threat modeling of software or infrastructure in cloud-native environments
• Experience with Linux systems, Kubernetes, and container-based platforms
• Prior usage of security monitoring tools (e.g., CSPM, CNAAP)
• Experience in a multi-cloud or complex cloud environment
• A knack for considering how systems can fail and how to fix them
• An ability to think creatively and holistically about reducing risk in a complex environment