Security Engineer, New Grad

Описание вакансии

Who we are

About Stripe

Stripe is a financial infrastructure platform for businesses. Millions of companies - from the world’s largest enterprises to the most ambitious startups - use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.

About the team

Stripe offers an interesting middle ground between joining a small startup and going to work for a multinational company. We have systems and processes optimized for early-career professionals. You will be in an environment that prizes rigor, discipline, and reliability—from our products, from our ways of working, and from our colleagues. You will learn how the best teams put together extremely reliable systems, and you will be responsible for operating these systems, with adequate backup when things get tough.

The Security organization is dedicated to building and maintaining a secure financial infrastructure platform. By joining this team, you will be on the front lines, engineering solutions that protect the sensitive data and systems underpinning a huge portion of the world's economy. You will contribute to core security functions like threat detection and rapid incident response, building and scaling the platforms that manage vulnerabilities, and proactively performing offensive security assessments to identify weaknesses before they can be exploited. This is a chance to apply software engineering principles and new technologies such as AI to solve complex, high-stakes security challenges, ultimately ensuring that Stripe's mission to increase the GDP of the internet is achieved securely.

What you’ll do

As a Security Engineer New Grad you will have the opportunity to work across various security disciplines and own projects from start to finish. Your work will focus on securing Stripe's complex environment by applying software engineering principles to security challenges.

• You will learn and apply the principles of secure-by-default design by working closely with product and infrastructure engineering teams.
• You'll develop a foundational understanding of various security domains, such as threat detection, incident response, vulnerability management, or offensive security.
• You'll learn to act as a security subject matter expert, tailoring answers to both engineers and non-engineers.
• You'll contribute to the development of internal tools and automation to scale security efforts across Stripe.
• You will participate in threat modeling discussions, learning to balance security requirements with product advancement and user experience.

Responsibilities

• Work on cross-functional projects, directly collaborating with other engineers
• Give meaningful feedback on code reviews and technical designs
• Contribute to our overall security posture by continuously improving security processes, tooling, and defenses.
• Develop a deep understanding of Stripe’s security primitives, frameworks, and invariants.
• Provide actionable insights to help identify, prevent, detect, and respond to anomalous or potentially malicious activity.

Who you are

We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.

Minimum requirements

• Currently enrolled in a Bachelor’s or Master’s program in Computer Science or related field (graduating by Summer 2026)
• Some experience and familiarity with programming, either through side projects or classwork. We work mostly in Java, Ruby, Python, JavaScript, Scala, and Go. We believe new programming languages can be learned if the fundamentals and general knowledge are present
• Experience from either previous internships or working collaboratively on multi-person coding projects (in a university or professional setting)
• Ability to learn unfamiliar systems and form an understanding of those systems, through independent research and working with a mentor and subject matter experts
• Aptitude to think like an attacker and reason through different approaches to reducing security risk.

Preferred qualifications

• Experience in code review practices, and an understanding of how to safely update production systems
• Familiarity with navigating and managing work in large code bases
• Prior experience or course work in cyber security, digital forensics, or incidentresponse (e.g., through log analysis or capture-the-flag events).
• Familiarity with foundational security concepts such as the OWASP Top 10 web application vulnerabilities.
• Basic knowledge of SQL or experience analyzing medium to large data sets.
• Exposure to cloud computing platforms such as AWS, Azure, or Google Cloud Platform.
• An adversarial mindset, understanding the goals, behaviors, and TTPs (tactics, techniques, and procedures) of threat actors.