You'll conduct hands-on penetration testing, lead red team engagements, and collaborate with blue team counterparts to validate and improve detection and response capabilities. Your work will directly influence how Stripe builds, ships, and secures financial infrastructure used by millions of businesses worldwide.

Responsibilities:

Conduct comprehensive penetration tests across web applications, APIs, cloud environments (AWS/GCP/Azure), mobile applications, and internal infrastructure.

Plan and execute red team engagements that emulate the TTPs of cyber and criminal threat actors targeting financial services, including initial access, lateral movement, persistence, and data exfiltration scenarios.

Perform assumed-breach and objective-based assessments to test detection and response capabilities in coordination with defensive teams.

Partner with detection engineering, threat intelligence, and incident response teams to validate security controls, identify coverage gaps, and improve detection fidelity.

Contribute adversary tradecraft insights to inform detection rule development, threat hunting hypotheses, and incident response playbooks.

Support incident investigations by providing offensive expertise, log analysis, and root cause analysis when required.

Design, develop, and maintain custom offensive tools, scripts, and automation frameworks to enhance assessment efficiency and coverage.

Build internal platforms and workflows that enable scalable, repeatable offensive operations.

Contribute to internal security tooling repositories and champion engineering best practices within the team.

Automate repetitive testing tasks, payload generation, and reporting workflows using modern development practices.

Produce clear, actionable reports that communicate technical findings, business risk, and remediation guidance to both technical and non-technical stakeholders.

Act as a subject-matter expert and primary point of contact for stakeholder teams engaged in offensive security programs and Stripe-wide security initiatives.

Lead offensive security projects end-to-end, mentor junior team members, and foster a culture of continuous learning and knowledge sharing.

Stay current with emerging threats, vulnerabilities, and attack techniques; share research internally and contribute to the broader security community.

XML job scraping automation by YubHub

The Anthropic Fellows Program is a 4-month, full-time research opportunity for individuals to work on empirical AI research and engineering projects. As an AI Security Fellow, you will be part of a team that focuses on reducing catastrophic risks from advanced AI systems.

Responsibilities

• Conduct empirical AI research and engineering projects aligned with Anthropic's research priorities
• Collaborate with mentors and peers to achieve project goals
• Present research findings and results to the team and wider community

Requirements

• Fluency in Python programming
• Strong technical background in computer science, mathematics, or physics
• Ability to implement ideas quickly and communicate clearly

Nice to Have

• Experience with pentesting, vulnerability research, or other offensive security work
• Experience with empirical ML research projects
• Experience with deep learning frameworks and experiment management

Logistics

• To participate in the Fellows program, you must have work authorization in the UK and be located in the UK during the program
• Workspace locations: London and Berkeley
• Visa sponsorship: Not currently available

Application Process

Applications and interviews are managed by Constellation, our official recruiting partner for this program. Clicking 'Apply here' will redirect you to Constellation's application portal.

XML job scraping automation by YubHub