Security Analyst, Bridge

Who We Are

Bridge is Stripe’s fintech innovation hub focused on building a modern, stablecoin-powered cross-border payments network. Operating like a startup within Stripe, we are fast-paced, entrepreneurial, and product-obsessed, backed by one of the most trusted names in fintech.

We are hiring a Security Analyst, Bridge / Program Manager to build and scale Bridge’s security foundation. This is a rare opportunity to design the security governance, risk, and compliance programs from the ground up, while leveraging the infrastructure, best practices, and tooling of one of the most mature security organizations in the industry.

What You'll Do

• Design and implement Bridge’s security governance, risk, and compliance roadmaps from first principles to production.
• Identify and tackle Bridge’s most important security risks quickly and pragmatically.
• Adopt Stripe’s programs, controls, and processes where it makes sense, and find custom approaches where it doesn’t.
• Lead risk assessment, control design, and testing for all Security and Technology Oversight globally.
• Reinforce engineering best practices around secure development and infrastructure.
• Ensure Bridge meets compliance and audit expectations as we scale to more regulated markets.
• Collaborate cross-functionally with engineering, product, and Stripe’s security org to move fast without compromising safety.

About You

You might be a good fit if you:

• Have 8+ years of experience in Security GRC, ideally with time spent in fast-paced startup environments where you’ve built security practices from the ground up.
• Have a startup mindset: you’re scrappy, pragmatic, and move quickly to solve the most critical problems.
• You’re proficient with NIST CSF, OCC’s Cybersecurity Supervision Work Program, and/or FFIEC IT Examination Handbook or other similar global frameworks.
• Proven prior experience with regulatory audits from Global auditors across Security domains.
• Thrive in ambiguity and know how to ruthlessly prioritize.
• Can balance security rigor with speed, especially in fast-moving environments.
• Communicate clearly across technical and non-technical partners.
• Have experience building or scaling security programs, either at a startup or in an embedded role.
• Are excited about the potential of crypto and stablecoins to power global financial infrastructure (you don’t need deep prior knowledge—just curiosity and openness to learn).

Key skills/competency

• Security GRC
• Risk Assessment
• Compliance Programs
• NIST CSF
• Regulatory Audits
• Cybersecurity Supervision
• FFIEC IT Examination
• Secure Development
• Stablecoins
• Fintech Security