Security Engineer, New Grad

About Stripe

Stripe is a financial infrastructure platform for businesses, enabling millions of companies, from startups to large enterprises, to accept payments, grow revenue, and accelerate new opportunities. Our mission is to increase the GDP of the internet, offering an unparalleled chance to contribute to the global economy.

About The Team

Joining Stripe offers a unique balance between a small startup and a multinational company. We have systems and processes tailored for early-career professionals, fostering an environment that values rigor, discipline, and reliability in our products, workflows, and colleagues. You will learn how top teams build extremely reliable systems and will be responsible for operating them with robust support.

The Security organization is dedicated to building and maintaining a secure financial infrastructure platform. As a Security Engineer, New Grad, you will be at the forefront, engineering solutions that protect sensitive data and systems vital to the global economy. You will contribute to core security functions like threat detection, rapid incident response, building and scaling vulnerability management platforms, and proactively performing offensive security assessments to identify weaknesses. This role provides an opportunity to apply software engineering principles and new technologies like AI to solve complex, high-stakes security challenges, ensuring Stripe's mission is achieved securely.

What you’ll do as a Security Engineer, New Grad

As a Security Engineer, New Grad, you will work across various security disciplines, owning projects from inception to completion. Your primary focus will be on securing Stripe's intricate environment by applying software engineering principles to critical security challenges.

• You will learn and apply secure-by-default design principles through close collaboration with product and infrastructure engineering teams.
• You'll develop a foundational understanding of key security domains, including threat detection, incident response, vulnerability management, and offensive security.
• You'll gain expertise in acting as a security subject matter expert, effectively communicating complex concepts to both engineers and non-engineers.
• You'll contribute to the development of internal tools and automation, scaling security efforts across Stripe.
• You will participate in threat modeling discussions, learning to balance essential security requirements with product advancement and user experience.

Responsibilities

• Work on cross-functional projects, collaborating directly with other engineers.
• Provide meaningful feedback on code reviews and technical designs.
• Contribute to our overall security posture by continuously improving security processes, tooling, and defenses.
• Develop a deep understanding of Stripe’s security primitives, frameworks, and invariants.
• Provide actionable insights to help identify, prevent, detect, and respond to anomalous or potentially malicious activity.

Who you are

We encourage applications from candidates who meet the minimum requirements. Preferred qualifications are a bonus, not a strict requirement.

Minimum Requirements

• Currently enrolled in a Bachelor’s or Master’s program in Computer Science or a related field (graduating by Summer 2026).
• Some experience and familiarity with programming through side projects or classwork. Our primary languages include Java, Ruby, Python, JavaScript, Scala, and Go, with an emphasis on foundational knowledge over specific language expertise.
• Experience from previous internships or collaborative multi-person coding projects (academic or professional setting).
• Ability to learn unfamiliar systems and develop a comprehensive understanding through independent research and mentorship.
• Aptitude to think like an attacker and strategize approaches to reduce security risk effectively.

Preferred Qualifications

• Experience in code review practices and understanding of safe production system updates.
• Familiarity with navigating and managing work within large code bases.
• Prior experience or coursework in cybersecurity, digital forensics, or incident response (e.g., log analysis, capture-the-flag events).
• Familiarity with foundational security concepts such as the OWASP Top 10 web application vulnerabilities.
• Basic knowledge of SQL or experience analyzing medium to large datasets.
• Exposure to cloud computing platforms such as AWS, Azure, or Google Cloud Platform.
• An adversarial mindset, understanding the goals, behaviors, and TTPs (tactics, techniques, and procedures) of threat actors.

Key skills/competency

• Software Engineering
• Cybersecurity
• Threat Detection
• Incident Response
• Vulnerability Management
• Offensive Security
• Python
• Java
• Cloud Security
• System Design