Staff Incident Response Engineer

at Stripe
  • Remote - Worldwide

Remote

Cybersecurity

Mid-level

Job description

Who we are

About Stripe

Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.

About the team

The Security Incident Response team works to analyze, investigate, and respond to threats before they impact Stripe’s business or users. From external attacks to insider threats, our goal is to respond with speed and precision, remediate, and support the incident postmortem process. The team is distributed, working primarily in Eastern and Pacific time zones, and will regularly coordinate with stakeholders in Europe and Asia.

What you’ll do

You will leverage your security engineering experience to improve incident response capabilities at Stripe. With an emphasis on user and entity behavior analytics, as well as endpoint hardening, you will gain a deep understanding of Stripe’s systems, tooling, and workflows to be able to differentiate between legitimate and malicious activity.  Using both threat intelligence and collected telemetry, you will guide and build Stripe-specific signals enrichment logic and incident response solutions that scale with our company.  Lastly, your analytic capabilities will be critical during security incidents to reduce uncertainty, uncover root causes, and inform future prevention and detection mechanisms.

Responsibilities

  • Work with security engineering and data science teams to build solutions for analyzing security events data at scale and protecting Stripe networks, systems, and data from threats.
  • Contribute to strategic objectives, while aligning technical vision across dependent teams.
  • Develop requirements for detection models and enhancements to existing systems, setting a high standard for technical decision-making influenced by industry best practices.
  • Collect, transform, and ingest raw data from disparate sources into threat detection pipelines, ensuring the solutions developed reflect consistent engineering quality.
  • Analyze and investigate a broad range of threats or activities occurring on client devices.
  • Provide actionable insights to help identify, prevent, detect, and respond to anomalous or potentially malicious user and entity activity, fostering creative problem-solving.
  • Streamline incident response capabilities, ensuring the tooling and processes are clear, while mentoring team members to improve overall incident response practices.
  • Act as the subject-matter expert and primary contact for stakeholders invested in Security Analytics & Detection programs, promoting strategic alignment with broader company initiatives.
  • Collaborate effectively with teammates, leading projects and championing rigorous engineering standards within the team.

Who you are

We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.

Minimum requirements

  • 7+ years experience analyzing large data sets to solve problems and/or building models with a behavioral approach to security
  • B.S. or M.S. in Cybersecurity, Computer Science, or related field
  • Expert knowledge of Python and SQL, and familiarity with other programming languages
  • Existing experience with log analysis (e.g. first or third party applications, system / data access, event logs), network security, digital forensics, and incident response investigations
  • Proficiency with developing and using novel analytical methods to build, automate, and improve detection and response systems
  • Ability to communicate results clearly, focus on impact, and think holistically about reducing risk in a complex environment

Preferred qualifications

  • An adversarial mindset, understanding the goals, behaviors, and TTPs of threat actors.
  • Experience with engineering, data processing and analysis tools (e.g. Databricks, Trino, etc.)
  • Familiarity with common open-source frameworks for big data processing and/or data science (PySpark, Pandas, Sci-kit Learn, etc.)
  • Experience with tactical threat intelligence and/or hunting for sophisticated threat actors in an enterprise environment
  • Familiarity with network observability, security software, or data engineering solutions (osquery, Splunk, etc.)
  • Experience in one or more of the following areas: user and entity behavior analytics (UEBA), security information event management (SIEM), security orchestration automation and response (SOAR), or data loss prevention (DLP)
Share this job:
Please let Stripe know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Stripe logo

Stripe

Financial infrastructure platform

  • 1001-5000 employees
  • Founded in 2010
  • 70 remote jobs
View all jobs

Latest Jobs at Stripe

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply now