Technical Writer, Security Ecosystem

San Francisco, CA or Remote (North America Only)

Applications have closed
Stripe logo
Stripe

Posted 1 month ago

The Stripe Security team is dedicated to improving the security of Stripe and its users. Our users trust us with some of their most sensitive information, and we make security a first-class consideration in everything we do. Security concerns are ever-evolving, creating an extremely dynamic environment for the Security team.

The goal of the Security Ecosystem team at Stripe is to provide support and operational structure to the Security team and its customers, both internal and external to Stripe. This is accomplished through a multifaceted approach, which includes programs (like our Third Party Security Risk Assessment Program, New Country Expansions, Security Training, and Internal Assessments) and support (for example, regulatory/audit support and assisting sales teams with security requests for proposals). 

The Security Ecosystem Technical Writer position will be part of Stripe’s CISO staff and work cross-functionally with Regulatory Affairs, Privacy Legal, Compliance, and Engineering teams. Responsibilities include managing Stripe’s security policies and standards, creating procedural docs and guidelines, maintaining a document library, writing technical documentation, contributing to internal communications, creating security presentations, and collaborating with security partners.


You Will:

  • Develop the external security presence of Stripe with articles and blog posts (see https://stripe.com/docs/security and https://stripe.com/blog)
  • Respond to security questionnaires and RFPs on behalf of Stripe and prepare and maintain supporting documentation (e.g., SIG, CAIQ)
  • Prepare, maintain, and improve documentation to support compliance and regulatory efforts (e.g., regulatory reports and license applications)
  • Assist in the policy lifecycle by monitoring changes to the standards and regulatory landscape as it pertains to the organization
  • Independently author and/or edit technical documents, including policies, procedures, and standards following established document formats
  • Translate security technical process information into user-friendly content
  • Document workflows and use cases, including data flow and/or architectural diagrams
  • Continuously promote security awareness and work with stakeholders on improving security communications

What You'll Need:

  • Strong communication skills, both written and verbal, including the ability to collaborate with information security and business leaders to research, author, socialize, and publish cyber and information security policies and standards
  • Working technical knowledge of security, as well as industry trends
  • Proficiency in HTML and Markdown
  • Conversant with Unix
  • Conversant with Git

Bonus Points:

  • Subject matter expert in cyber and information security practices, policies, standards and procedures (e.g., NIST CSF or equivalent)
  • Experience working in an agile environment
  • You have publicly available technical writing samples

You should include these in your application:

  • Any additional materials (e.g., writing sample in a particular style, description of why you want to work in the role, paragraph describing relevant experience)
Job tags: Blog posts Compliance Diagrams HTML NIST Research Security Stripe Subject matter expert Training Unix