Chat with Stripe sales Security Engineer - Threat Detection Stripe logo Jobs Our opportunity Life at Stripe Benefits University See open roles Open mobile navigation Jobs Our opportunity Life at Stripe Benefits University See open roles Close mobile navigation Roles at Stripe Role details Security Engineer - Threat Detection Who we are About Stripe Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world's largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career. About the team The Proactive Threat team identifies, detects, and responds to threats before they impact Stripe's business or users. The Detection Engineering & Threat Hunting function sits at the intersection of offense and defense — we leverage deep knowledge of attacker tradecraft to build high-fidelity detections, hunt for sophisticated threats, and validate defensive capabilities across Stripe's critical systems. We are builders first. Our team develops detection-as-code, automates analysis workflows, and builds tooling that scales detection and response across a complex, global environment. We partner closely with Threat Intelligence, Incident Response, and offensive security teams to ensure our detections are grounded in real-world adversary behavior. The team is distributed across the United States (Eastern and Pacific time zones) and collaborates regularly with stakeholders across Stripe — including teams in Europe and Asia. What you'll do You will design, build, and maintain detections that identify malicious activity across Stripe's infrastructure, applications, and cloud environments. You'll leverage your understanding of attacker TTPs — from initial access through exfiltration — to develop detection logic that catches real threats while minimizing noise. Beyond writing detections, you'll conduct threat hunts, perform malware analysis, and build automation that enables detection engineering at scale. Responsibilities Design, build, and tune high-fidelity detections across modern SIEM platforms, covering adversary TTPs across the full attack lifecycle Develop detection hypotheses by researching TTPs, identifying evidence sources, and determining detection opportunities across available telemetry Conduct hypothesis-driven threat hunts to identify malicious activity, uncover detection gaps, and validate security controls Perform malware analysis and reverse engineering to extract indicators and inform detection strategies Build network-based detections (flow, pcap, protocol analysis) and endpoint-based detections (event logs, EDR telemetry, memory/file artifacts) across Windows, Linux, and macOS Partner with Threat Intelligence to operationalize intel reports into detections, hunting leads, and enrichment logic Collaborate with IR, SOC, and offensive security teams to validate and refine detections based on real-world incidents and red team exercises Build data pipelines, automation, and tooling that enable detection-as-code practices and scalable deployment Map detection coverage to MITRE ATT&CK, identifying and prioritizing gaps across key attack surfaces Lead projects, mentor teammates, and champion quality standards within the team Who you are We're looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement. Minimum requirements 5+ years of experience in detection engineering, threat hunting, or security operations Demonstrated experience writing detection logic in modern SIEM platforms (e.g., Splunk, Chronicle, Elastic, CrowdStrike NG-SIEM, Panther, Microsoft Sentinel) Strong understanding of adversary tradecraft across the attack lifecycle: initial access, privilege escalation, lateral movement, defense evasion, persistence, and exfiltration Ability to extract TTPs from threat intelligence reports and translate them into detection opportunities Experience developing network-based and endpoint-based detections across multiple OS platforms (Windows, Linux, macOS) Experience analyzing telemetry across endpoint, network, cloud (AWS/GCP/Azure), identity, and application log sources Proficiency in detection/query languages (SPL, KQL, EQL, YARA-L, SQL) and programming (Python or similar) Strong communication skills with the ability to document detection logic and explain findings to technical and non-technical audiences Adversarial mindset — understanding how attackers operate to build detections that catch real-world threats Preferred qualifications Experience in detection engineering or threat hunting within fintech, financial services, or highly regulated environments Background in malware analysis, reverse engineering, or threat research Experience with purple team operations — collaborating with offensive security to validate detections Familiarity with big data platforms (Databricks, Trino, PySpark) for large-scale log analysis Proficiency with AI/LLM-assisted development tools (Claude Code, Cursor, GitHub Copilot) applied to detection workflows Interest in agentic automation — using LLMs to augment hunting, tuning, or triage Experience with detection validation tools (Atomic Red Team, ATT&CK Evaluations) Contributions to open-source detection content, research, or conference presentations Relevant certifications such as HTB CDSA, GCIH, GCFA, GNFA, OSCP, TCM PMAT, or GREM Hybrid work at Stripe This role is available either in an office or a remote location (35+ miles or 56+ km from a Stripe office). In-office expectations Office-assigned Stripes spend at least 50% of the time in a given month in their local office or with users. This hits a balance between bringing people together for in-person collaboration and learning from each other, while supporting flexibility about how to do this in a way that makes sense for individuals and their teams. Working remotely at Stripe A remote location is defined as being 35 miles (56 kilometers) or more from one of our offices. While you would be welcome to come into the office for team/business meetings, on-sites, meet-ups, and events, our expectation is you would regularly work from home rather than a Stripe office. Stripe does not cover the cost of relocating to a remote location. We encourage you to apply for roles that match the location where you currently live or plan to live. Pay and benefits The annual salary range for this role in the primary location is €90,800 - €136,200. This range may change if you are hired in another location. For sales roles, the range provided is the role’s On Target Earnings (“OTE”) range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role. This salary range may be inclusive of several career levels at Stripe and will be narrowed during the interview process based on a number of factors, including the candidate’s experience, qualifications, and specific location. Applicants interested in this role and who are not located in the primary location may request the annual salary range for their location during the interview process. Specific benefits and details about what compensation is included in the salary range listed above will vary depending on the applicant’s location and can be discussed in more detail during the interview process. Benefits/additional compensation for this role may include: equity, company bonus or sales commissions/bonuses; retirement plans; health benefits; and wellness stipends. Office locations Dublin HQ Remote locations Remote in Spain, Belgium, Germany, or Ireland Team Security Job type Full time Apply for this role Please find our EU applicant personal information notice here . We look forward to hearing from you At Stripe, we're looking for people with passion, grit, and integrity. You're encouraged to apply even if your experience doesn't precisely match the job description. Your skills and passion will stand out—and set you apart—especially if your career has taken some extraordinary twists and turns. At Stripe, we welcome diverse perspectives and people who think rigorously and aren't afraid to challenge assumptions. Join us. Apply Now Stripe logo United States (English) Australia English Austria Deutsch English Belgium Nederlands Français Deutsch English Brazil Português English Bulgaria English Canada English Français Croatia English Italiano Cyprus English Czech Republic English Denmark English Estonia English Finland English Svenska France Français English Germany Deutsch English Gibraltar English Greece English Hong Kong English 简体中文 Hungary English India English Ireland English Italy Italiano English Japan 日本語 English Latvia English Liechtenstein Deutsch English Lithuania English Luxembourg Français Deutsch English Malaysia English 简体中文 Malta English Mexico Español English Netherlands Nederlands English New Zealand English Norway English Poland English Portugal Português English Romania English Singapore English 简体中文 Slovakia English Slovenia English Italiano Spain Español English Sweden Svenska English Switzerland Deutsch Français Italiano English Thailand ไทย English United Arab Emirates English United Kingdom English United States English Español 简体中文 Products & pricing Pricing Atlas Authorization Boost Billing Capital Checkout Crypto Climate Connect Data Pipeline Elements Treasury Financial Connections Identity Invoicing Issuing Link Managed Payments Payments Payment Links Payouts Radar Revenue Recognition Stripe Sigma Tax Terminal Solutions Enterprises Startups Agentic commerce Crypto Ecommerce Embedded finance Finance automation Global businesses In-app payments Marketplaces Platforms SaaS AI companies Creator economy Hospitality, travel, and leisure Insurance Media and entertainment Nonprofits Retail Integrations & custom solutions Stripe App Marketplace Stripe Partner ecosystem Professional services Developers Documentation API reference API status API changelog Libraries and SDKs Developer blog Resources Guides Customer stories Blog Sessions annual conference Privacy & terms Prohibited & restricted businesses Licenses Sitemap Cookie settings Your privacy choices Coverage transparency More resources Company Jobs Newsroom Stripe Press Contact sales Support Get support Managed support plans CA residents: +1 888 926 2289 Sign in © 2026 Stripe, LLC
Launched out of Y Combinator’s 2009 Summer batch, Stripe is a global technology company that builds economic infrastructure for the internet. Businesses of every size—from new startups to public companies—use our software to accept payments and manage their businesses online Stripe is a proud partner of YC companies—from Airbnb (S09) to Defog (W23)—to help them grow their businesses and increase the GDP of the internet.
Location
Ireland
Experience
5+ years
