DevSecOps Engineer; Threat Detection & Penetration Testing

* This is an onsite role, we're looking for those who can come into office everyday in Manhattan.

You will be leveraging your security operations experience to analyze and respond to security notifications, events, and inquiries. You will be performing initial triage of potential security incidents through log and data analysis to determine whether or not activity is a substantiated or valid threat, assessing severity and potential impact, taking pre‑approved remediation measures to contain a threat, and escalating findings to investigators for further review and analysis.

You will use your knowledge of cyber threats and the results of your analysis to coordinate with partner teams to improve threat detection through tuning and creation of new use cases, to improve capabilities through enriching existing data and creation of new data feeds, and to improve triage accuracy, consistency and timeliness through automation. This role plays a critical part in threat detection and response, ultimately reducing the likelihood of security breaches and protecting sensitive company information.

• Analyze and investigate activity on company devices that could represent a security threat
• Work cross‑functionally with the Security teams to develop solutions for analyzing security events at scale and protecting Bask networks, systems, and data
• Interpret disparate data sources to report on trends and support investigative requests
• Collect requirements for enhancements to detection models and response systems
• Leverage existing systems and data to perform analyses and promote process improvements
• Provide actionable insights to help identify, prevent, detect, and respond to anomalous or potentially malicious user activity
• Collaborate effectively with teammates, lead projects, mentor others, and develop and champion quality operational standards across the team
• Provide expert technical guidance on threat detection and penetration testing methodologies.
• Drive the organizational security vision by prioritizing and overseeing the execution of projects aligned with our security roadmap.
• Collaborate cross‑functionally with security engineering teams to enhance detection systems, implement countermeasures, and ensure comprehensive protection of Stripe's networks, systems, and data.
• Develop, document, and implement strategies, playbooks, and capabilities to advance our threat detection and penetration testing functions.
• Continuously improve security processes by integrating feedback from penetration tests and threat detection activities into our security architecture.
• Coach and mentor individual contributors, championing a culture of learning and excellence within the team.

• Oversee
  employee onboarding and offboarding
  — creating and deactivating accounts, managing permissions, and ensuring smooth transitions.

• Maintain and improve
  SSO / identity management
  across platforms (Okta, Google SSO, etc.).

• Enforce
  IT security standards
  : MFA, password policies, VPNs, credential rotation, and endpoint protection.