The Security Engineer, Mobile role at Stripe focuses on enhancing the security of client endpoints, particularly within the Apple ecosystem. The Secure Devices team is responsible for ensuring compliance with rigorous security standards and preventing data loss. This position involves collaboration with various teams to secure Stripe's mobile expansion and improve device security. The engineer will also work on developing endpoint security software and managing device attestation flows.

• 4+ years of relevant experience securing iOS and/or macOS platforms
• 4+ years of software engineering experience writing Go, Swift or Objective-C
• Deep expertise securing devices within the Apple ecosystem
• Understanding of the current threat landscape and how to defend Apple devices against modern threats
• High standards for code quality and a constructive attitude to help others raise the bar
• An ability to think creatively and holistically about reducing risk in a complex environment
• The ability to drive clear next steps when encountering ambiguous spaces without clear lines of ownership
• Empathy, strong communication skills and a deep respect for the power of collaboration

• Contribute to the secure design and implementation of Stripe’s mobile expansion initiative
• Act as the subject matter expert on iOS security by advising partner teams on iOS security best practices and secure-by-design architectures
• Design, build and maintain Stripe’s endpoint security software, including developing telemetry and prevention capabilities via macOS system extensions
• Collaborate closely with partner teams to define and measure the secure configuration of Stripe’s client platforms
• Operate high RPS backend services providing critical controls and security configuration to Stripe endpoints
• Drive down usage of unapproved, untrusted software while creating a surprisingly great user experience for onboarding new, approved software
• Manage and improve device attestation flows to ensure Stripe’s device and user identities are kept secure
• Identify opportunities on Stripe client platforms to improve our security posture and resiliency against malware and advanced persistent threats
• Build and maintain a users-first data loss prevention program to protect against accidental and malicious data exfiltration