Application security engineers use security and development knowledge to help teams to move quickly without compromising on security.
Stripe powers businesses all over the world. We process payments, run marketplaces, detect fraud, help entrepreneurs start a business from anywhere in the world, build world-class developer-friendly APIs, and more. Nearly every system we operate interacts with sensitive financial or personal data — making security a top priority for Stripe.
We work throughout the entire software development lifecycle but split focus across two sub-teams: Design & Partnership; and Insight & Assessment.
Our Design & Partnership team works on secure-by-design and deep product partnership. We build strong relationships with other teams and help them build secure software. This includes reviewing early-stage designs, helping develop threat models, scaling impact by curating blessed security patterns, guidance, training; and championing security initiatives.
With the Design & Partnership team you will:
- Work with engineering teams to design solutions that are inherently secure
- Be a security subject matter expert and answer security questions
- Lead threat modeling discussions and help teams correctly balance security risk and product advancement
- Lead security initiatives
- Scale security effort by empowering engineering teams with the right guidance, patterns and training
- Develop a deep understanding of Stripe coding practices and concerns.
We’re looking for someone who has:
- Strong communication skills, is accustomed to working closely with engineering teams and has the ability to influence
- Breadth of applied knowledge across application security
- Software engineering experience in a production environment across multiple programming languages
- The ability to think like an attacker, develop threat models and help teams reason through different approaches to reducing risk
- A desire to scale security through simple design, abstraction and education