Manager, Threat Detection & Penetration Testing
LOCATION
About Stripe
Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.
About the team
The Threat Detection and Penetration Testing team is integral to maintaining the security and integrity of Stripe’s systems and data. This team proactively identifies and mitigates threats through continuous monitoring and rigorous penetration testing. By simulating real-world attacks and leveraging advanced threat detection technologies, we safeguard our platform and ensure a robust security posture. Our team collaborates closely with stakeholders around the globe, including North America, Europe, and Asia, to enhance and evolve our security infrastructure.
What you’ll do
As the Manager of Threat Detection and Penetration Testing, you will lead a dynamic team tasked with identifying vulnerabilities, detecting threats, and conducting penetration tests to preempt and counteract potential security breaches. Your role involves not just managing personnel but also driving strategic initiatives to enhance our threat detection capabilities. You will work with various internal teams to implement improved security measures, ensure timely detection and remediation of threats, and provide insightful security assessments to fortify our defenses.
Responsibilities
- Lead, mentor, and support a team of threat analysts and penetration testers in detecting, analyzing, and mitigating security threats.
- Provide expert technical guidance on threat detection and penetration testing methodologies.
- Drive the organizational security vision by prioritizing and overseeing the execution of projects aligned with our security roadmap.
- Develop and refine KPIs and metrics to measure the effectiveness of threat detection and penetration testing activities, ensuring clear, consistent reporting to internal stakeholders.
- Collaborate cross-functionally with security engineering teams to enhance detection systems, implement countermeasures, and ensure comprehensive protection of Stripe's networks, systems, and data.
- Develop, document, and implement strategies, playbooks, and capabilities to advance our threat detection and penetration testing functions.
- Continuously improve security processes by integrating feedback from penetration tests and threat detection activities into our security architecture.
- Coach and mentor individual contributors, championing a culture of learning and excellence within the team.
Who you are
We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.
Minimum requirements
- 5+ years of experience leading Threat Detection, Penetration Testing, or similar security teams, including hands-on technical management experience.
- B.S. or M.S. in Computer Science or a related field, or equivalent experience in security.
- Proven experience in recruiting, growing, and leading technical teams with a focus on performance management.
- Excellent written and verbal communication skills, including the ability to develop and deliver security-related information to leadership.
- Advanced knowledge of penetration testing tools and methodologies, threat detection technologies, and security analytics.
- Experience with Python, SQL, and/or familiarity with other programming languages relevant to security operations.
- In-depth understanding of operating systems, file systems, and memory management on macOS, Linux, or Windows.
- Strong understanding of threat actor tactics, techniques, and procedures (TTPs).
Preferred qualifications
- Broad knowledge and experience across the information security domain, including familiarity with endpoint, email, network, identity management, cloud security, vulnerability management, incident response, and threat intelligence.
- Experience with engineering, data processing, and analysis tools.
- Familiarity with network observability, security software, or data engineering solutions (Chronicle, osquery, Splunk, etc.).
Working remotely at Stripe
A remote location, in most cases, is defined as being 35 miles (56 kilometers) or more from one of our offices. While you would be welcome to come into the office for team/business meetings, on-sites, meet-ups, and events, our expectation is you would regularly work from home rather than a Stripe office. Stripe does not cover the cost of relocating to a remote location. We encourage you to apply for roles that match the location where you currently or plan to live.Pay and benefits
The annual US base salary range for this role is $177,300 - $266,000. For sales roles, the range provided is the role’s On Target Earnings ("OTE") range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role. This salary range may be inclusive of several career levels at Stripe and will be narrowed during the interview process based on a number of factors, including the candidate’s experience, qualifications, and location. Applicants interested in this role and who are not located in the US may request the annual salary range for their location during the interview process.
Additional benefits for this role may include: equity, company bonus or sales commissions/bonuses; 401(k) plan; medical, dental, and vision benefits; and wellness stipends.
We look forward to hearing from you
At Stripe, we're looking for people with passion, grit, and integrity. You're encouraged to apply even if your experience doesn't precisely match the job description. Your skills and passion will stand out—and set you apart—especially if your career has taken some extraordinary twists and turns. At Stripe, we welcome diverse perspectives and people who think rigorously and aren't afraid to challenge assumptions. Join us. ApplyJob Profile
Benefits/PerksCompany bonus Company bonus or sales commissions Company bonus or sales commissions/bonuses Equity Medical, dental, and vision benefits Vision Benefits Wellness stipends
Tasks- Collaborate cross-functionally
- Collaborate with teams
- Conduct penetration tests
- Develop strategies
- Drive security initiatives
- Identify vulnerabilities
- Improve security processes
- Lead team
- Reporting
Analytics Business Cloud Security Communication Data engineering Data processing Financial Infrastructure Incident Response Information security Infrastructure Leadership Linux MacOS Management Network observability Observability Operating Systems Operations Payments Penetration Testing Performance Management Programming Project Management Python Recruiting Reporting Sales Security Security analytics Security Engineering Security Operations Security software Splunk SQL Team Leadership Testing Threat Detection Threat Intelligence Vulnerability Management
Experience5 years
EducationB.S. Business Computer Science Engineering Equivalent experience MS Related Field