Cloud Security Engineer

Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.

Stripe powers businesses all over the world. We process payments, run marketplaces, detect fraud, help entrepreneurs start a business from anywhere in the world, build world‑class developer‑friendly APIs, and more. Nearly every system we operate interacts with sensitive financial or personal data—making security a top priority for Stripe.

As an engineer on the Security team, you will design and develop frameworks, systems, and solutions that ensure the security of Stripe’s engineering infrastructure and, most importantly, protect the privacy of our users’ data.

The Cloud Security team accelerates Stripe’s business priorities by building core security controls and services that empower teams to build quickly and securely on top of a well‑governed cloud platform and partner with infrastructure teams to advance select critical business priorities using novel infrastructure or integrations as the platform expands.

• Design, build, and operate the core security infrastructure used by all of Stripe’s engineering teams in close collaboration with other stakeholders and our users.
• Uphold our high engineering standards and bring consistency to the many codebases and processes you will encounter.
• Contribute to team learning by improving engineering standards, tooling, and processes.
• Design and build durable solutions that will advance Stripe’s security beyond the state of the art.
• Help expand Stripe’s cloud footprint on top of secure, paved roads and guardrails.
• Optimize for security controls that have delightful user experiences.
• Partner closely with infrastructure and engineering teams building integrations with our cloud infrastructure or adopting new cloud managed services.
• Make impactful decisions about systems and security—their edge cases, failure modes, and life cycles.
• Use data to determine appropriate baselines against which to measure security.
• Define infrastructure that reliably feeds signals to threat teams.
• Evaluate and prototype new security tools and practices.

• Designing and implementing controls that support security in variants and enforce our security principles while providing a surprisingly great user experience.
• Providing a migration path for newly acquired companies onto the Stripe Secure Platform, embedding with their engineers and biasing for action.
• CI tooling for platform‑related configuration: IAM roles, SCPs, and associated components.
• Guardrails and security controls for both commonly used and newer cloud technologies.
• Expanding our cloud identity infrastructure to provide paved paths for AI and agentic access.
• Automation tooling for continually driving down permissions and access across our cloud services.

• Software engineering experience in a high‑stakes production environment.
• Empathy, strong communication skills, and a deep respect for the power of collaboration.
• A learning mindset, regardless of level or experience.
• The ability to drive clear next steps when encountering ambiguous spaces without clear lines of ownership.
• High standards for code quality and a constructive attitude to help others raise the bar.
• An ability to think creatively and holistically about reducing risk in a complex environment.
• Experience with security on one or more of AWS, Azure, or GCP.
• Experience conducting threat modeling of software or infrastructure in cloud‑native environments.
• Experience with Linux systems, Kubernetes, and/or container‑based platforms.
• Prior usage of security monitoring tools (e.g., CSPM, CNAAP).
• Experience in a multi‑cloud, or complex, cloud environment.