Stripe의 Security Analyst는 버그 바운티 프로그램의 전반적인 운영과 보안 취약점 트리아지를 담당합니다. 웹 보안 및 공격적 보안 도구 활용 능력이 필수이며, 외부 연구자와 내부 엔지니어링 팀 간의 가교 역할을 수행합니다. 취약점 분석 및 데이터 기반의 보안 개선을 통해 Stripe의 제품 보안 수준을 높이는 핵심적인 업무를 수행하게 됩니다.
Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.
In this role, you’ll join Stripe’s Vulnerability Management team, whose mission is to “Surface vulnerabilities at scale across Stripe.” Our vision is to create a culture of continuous excellence in managing vulnerabilities. The bug bounty program is an important pillar of this mission, acting as a critical line of defense in Stripe’s security “immune system.”
We seek a highly technical and detail-oriented Security Analyst to join our team, focusing on the front lines of bug bounty triage and researcher engagement. In this role, you’ll be responsible for the end-to-end lifecycle of security vulnerability reports from our bug bounty program. You’ll own the overall effectiveness of Stripe’s bug bounty program with autonomy to implement continuous improvements (e.g., researcher campaigns, scoring transparency).
You’ll play a key role in understanding the root cause of vulnerabilities, coordinating timely resolutions, and directly impacting the security posture of Stripe’s products. A core aspect of this role is developing a deep understanding of Stripe and acquired company products, assets, and their configuration to effectively assess and prioritize vulnerabilities.
We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.