Software Engineer, Vulnerability Management
Stripe
Who we are
About Stripe
Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.
About the team
In this role, you would join Stripe's Vulnerability Management team. Our vision is to create a culture of continuous excellence in managing vulnerabilities. We want to enhance customer trust by giving users context about threats and vulnerabilities affecting Stripe's systems. We aim to be a key partner in Stripe's risk management by providing visibility into vulnerabilities across Stripe's products and services.
What you’ll do
As a Software Engineer focused on Vulnerability Management at Stripe, you will use your software engineering expertise to find and prioritize vulnerabilities in our systems. Working closely with engineers across the company, you will drive the timely remediation of discovered vulnerabilities, playing a key role in Stripe's overall security and risk strategy.
In addition, you will continuously improve Stripe's security defenses by enhancing our vulnerability management processes and selecting effective scanning tools to uncover weaknesses.
Your core responsibilities as a Vulnerability Management Software Engineer will involve detecting vulnerabilities and coordinating fixes to prevent exploits that could impact Stripe or our users. You will serve as an advisor on security risks, collaborating cross-functionally to advocate for practices that strengthen the safety of Stripe's systems and data.
Responsibilities
- Identify vulnerabilities using automated tools and triage them appropriately
- Collaborate with other teams to drive remediation of vulnerabilities
- Contribute to our overall security and risk management strategy
- Continuously improve our security posture, processes, and tools
Who you are
We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.
Minimum requirements
- 5+ years engineering experience in a high-stakes production environment
- Empathy, strong communication skills and a deep respect for the power of collaboration
- Significant experience in vulnerability management
- Familiarity with automated vulnerability identification tools and triage processes
- Excellent problem-solving skills and attention to detail
- High standards for code quality and a constructive attitude to help others raise the bar
- Software engineering or related technical experience
Preferred qualifications
- An ability to think creatively and holistically about reducing risk in a complex environment
- Previous experience in a regulated industry (e.g., financial services, healthcare)
This role is available either in an office or a remote location (typically, 35+ miles or 56+ km from a Stripe office).
Office-assigned Stripes spend at least 50% of the time in a given month in their local office or with users. This hits a balance between bringing people together for in-person collaboration and learning from each other, while supporting flexibility about how to do this in a way that makes sense for individuals and their teams.
A remote location, in most cases, is defined as being 35 miles (56 kilometers) or more from one of our offices. While you would be welcome to come into the office for team/business meetings, on-sites, meet-ups, and events, our expectation is you would regularly work from home rather than a Stripe office. Stripe does not cover the cost of relocating to a remote location. We encourage you to apply for roles that match the location where you currently or plan to live.
The annual US base salary range for this role is $163,100 - $244,700. For sales roles, the range provided is the role’s On Target Earnings ("OTE") range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role. This salary range may be inclusive of several career levels at Stripe and will be narrowed during the interview process based on a number of factors, including the candidate’s experience, qualifications, and location. Applicants interested in this role and who are not located in the US may request the annual salary range for their location during the interview process.
Additional benefits for this role may include: equity, company bonus or sales commissions/bonuses; 401(k) plan; medical, dental, and vision benefits; and wellness stipends.
Office locations
Toronto
Remote locations
Remote in United States, or Canada
Team
Security
Job type
Full time