62900fcd-562 Security Engineer - Offensive Security As an Offensive Security Engineer on the Proactive Threat team at Stripe, you will simulate the tactics, techniques, and procedures (TTPs) of real-world adversaries to uncover security risks across Stripe's products and infrastructure.

You'll conduct hands-on penetration testing, lead red team engagements, and collaborate with blue team counterparts to validate and improve detection and response capabilities. Your work will directly influence how Stripe builds, ships, and secures financial infrastructure used by millions of businesses worldwide.

Responsibilities:

Conduct comprehensive penetration tests across web applications, APIs, cloud environments (AWS/GCP/Azure), mobile applications, and internal infrastructure.

Plan and execute red team engagements that emulate the TTPs of cyber and criminal threat actors targeting financial services, including initial access, lateral movement, persistence, and data exfiltration scenarios.

Perform assumed-breach and objective-based assessments to test detection and response capabilities in coordination with defensive teams.

Partner with detection engineering, threat intelligence, and incident response teams to validate security controls, identify coverage gaps, and improve detection fidelity.

Contribute adversary tradecraft insights to inform detection rule development, threat hunting hypotheses, and incident response playbooks.

Support incident investigations by providing offensive expertise, log analysis, and root cause analysis when required.

Design, develop, and maintain custom offensive tools, scripts, and automation frameworks to enhance assessment efficiency and coverage.

Build internal platforms and workflows that enable scalable, repeatable offensive operations.

Contribute to internal security tooling repositories and champion engineering best practices within the team.

Automate repetitive testing tasks, payload generation, and reporting workflows using modern development practices.

Produce clear, actionable reports that communicate technical findings, business risk, and remediation guidance to both technical and non-technical stakeholders.

Act as a subject-matter expert and primary point of contact for stakeholder teams engaged in offensive security programs and Stripe-wide security initiatives.

Lead offensive security projects end-to-end, mentor junior team members, and foster a culture of continuous learning and knowledge sharing.

Stay current with emerging threats, vulnerabilities, and attack techniques; share research internally and contribute to the broader security community.

XML job scraping automation by YubHub

]]> full-time senior hybrid Python, Go, Web application security, Cloud platforms (AWS, Azure, or GCP), Offensive tooling (Burp Suite, Cobalt Strike, Mythic, Sliver, BloodHound), Adversary tradecraft and frameworks (MITRE ATT&CK), Excellent written and verbal communication skills, Experience conducting offensive security in fintech, financial services, or other highly regulated environments, Background in vulnerability research, exploit development, or CVE discovery, Experience collaborating with threat intelligence, detection engineering, or incident response teams (purple team operations), Familiarity with big data and log analysis tools (Splunk, Databricks, PySpark, osquery, etc.) for threat hunting or investigative support, Proficiency with AI/LLM-assisted development tools (e.g., Claude Code, Cursor, GitHub Copilot) and experience applying them to offensive security workflows Engineering Technology Stripe https://logos.yubhub.co/stripe.com.png Stripe is a financial infrastructure platform for businesses. It has a large user base, with millions of companies using its services. https://stripe.com/ https://job-boards.greenhouse.io/stripe/jobs/7820898 Ireland 2026-04-18 9bf55fe3-b2b Detection & Response Engineer We are seeking a skilled and proactive Detection & Response Engineer to join our security team. In this critical role, you will be responsible for detecting, investigating, and responding to security incidents across our cloud-native and AI-focused infrastructure.

Responsibilities

  • Monitor and analyse security alerts and logs to identify potential threats and anomalies
  • Develop, implement, and maintain detection rules and correlation logic in our SIEM platform
  • Conduct thorough investigations of security incidents, performing root cause analysis and impact assessments
  • Lead incident response efforts, coordinating with relevant teams to contain and mitigate threats
  • Create and maintain incident response playbooks and runbooks
  • Perform regular threat hunting activities to proactively identify potential security risks
  • Develop and refine metrics and reporting to track the effectiveness of detection and response capabilities
  • Collaborate with other security teams to improve overall security posture and incident handling processes
  • Stay current with emerging threats, attack techniques, and defensive strategies in the cloud-native and AI domains

Basic Qualifications

  • Bachelor's degree in Computer Science, Cybersecurity, or a related field
  • 3-5 years of experience in security operations, incident response, or a similar role
  • Strong understanding of cybersecurity principles, attack techniques, and defensive strategies
  • Proficiency in at least one scripting language (e.g., Python, Rust) for automation and tool development
  • Experience with SIEM platforms and log analysis tools
  • Familiarity with cloud environments (e.g., AWS, GCP, Azure) and their security features
  • Knowledge of network protocols, system administration, and common attack vectors
  • Strong analytical and problem-solving skills with attention to detail
  • Excellent communication skills and ability to work effectively under pressure

Preferred Skills and Experience

  • Relevant security certifications (e.g., GCIH, GCIA, SANS)
  • Experience with threat intelligence platforms and their integration into detection processes
  • Familiarity with AI/ML security implications, particularly those outlined in the OWASP LLM Top 10
  • Knowledge of software supply chain security and SBOM analysis
  • Experience with containerized environments and Kubernetes security
  • Experience in building custom security tools or integrations to enhance detection and response capabilities
  • Interest in leveraging AI to improve threat detection and automate response processes
  • Contributions to open-source security projects or threat research
  • Experience with digital forensics and malware analysis

Compensation and Benefits

$200,000 - $340,000 USD

Base salary is just one part of our total rewards package at xAI, which also includes equity, comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short & long-term disability insurance, life insurance, and various other discounts and perks.

XML job scraping automation by YubHub

]]> full-time mid onsite $200,000 - $340,000 USD cybersecurity principles, attack techniques, defensive strategies, scripting language, SIEM platforms, log analysis tools, cloud environments, network protocols, system administration, common attack vectors, relevant security certifications, threat intelligence platforms, AI/ML security implications, software supply chain security, containerized environments, Kubernetes security, custom security tools, digital forensics, malware analysis Engineering Technology xAI https://logos.yubhub.co/xai.com.png xAI€’s mission is to create AI systems that aid humanity in its pursuit of knowledge. The organisation is small and highly motivated. https://www.xai.com/ https://job-boards.greenhouse.io/xai/jobs/4559148007 Palo Alto, CA 2026-04-18