Security Engineer - Threat Detection

About the role

We are looking for a Security Engineer focused on Threat Detection to join Stripe’s Proactive Threat team. In this role you will design, build and maintain high‑fidelity detections that protect Stripe’s infrastructure, applications and cloud environments from sophisticated adversaries.

Key responsibilities

• Design, implement and tune detections across modern SIEM platforms covering the full attack lifecycle.
• Develop detection hypotheses by researching attacker TTPs and identifying evidence sources.
• Conduct hypothesis‑driven threat hunts to uncover malicious activity and detection gaps.
• Perform malware analysis and reverse engineering to extract indicators for detection rules.
• Build network‑based detections (flow, pcap, protocol) and endpoint detections (event logs, EDR telemetry, memory/file artifacts) on Windows, Linux and macOS.
• Partner with Threat Intelligence to operationalize intel into detections and enrichment logic.
• Collaborate with Incident Response, SOC and offensive security teams to validate and refine detections.
• Develop data pipelines, automation and tooling to enable detection‑as‑code at scale.

Required profile

• Proven experience designing and maintaining security detections.
• Hands‑on experience with threat hunting and malware analysis.
• Strong understanding of attacker tactics, techniques and procedures (TTPs).
• Ability to work across Windows, Linux and macOS environments.
• Experience collaborating with cross‑functional security teams.

Required skills

• SIEM platforms
• Detection‑as‑code
• Network flow and pcap analysis
• Protocol analysis
• Endpoint Detection and Response (EDR) telemetry
• Malware analysis and reverse engineering
• Threat hunting
• Automation and data pipeline development