Security Engineer - Threat Detection

Who we are

About Stripe

Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world's largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.

About the team

The Proactive Threat team identifies, detects, and responds to threats before they impact Stripe's business or users. The Detection Engineering & Threat Hunting function sits at the intersection of offense and defense — we leverage deep knowledge of attacker tradecraft to build high-fidelity detections, hunt for sophisticated threats, and validate defensive capabilities across Stripe's critical systems.

We are builders first. Our team develops detection-as-code, automates analysis workflows, and builds tooling that scales detection and response across a complex, global environment. We partner closely with Threat Intelligence, Incident Response, and offensive security teams to ensure our detections are grounded in real-world adversary behavior.

The team is distributed across the United States (Eastern and Pacific time zones) and collaborates regularly with stakeholders across Stripe — including teams in Europe and Asia.

What you'll do

You will design, build, and maintain detections that identify malicious activity across Stripe's infrastructure, applications, and cloud environments. You'll leverage your understanding of attacker TTPs — from initial access through exfiltration — to develop detection logic that catches real threats while minimizing noise. Beyond writing detections, you'll conduct threat hunts, perform malware analysis, and build automation that enables detection engineering at scale.

Responsibilities

Design, build, an