Security Analyst, Bridge

Who we are
About Stripe

Stripe is a financial infrastructure platform for businesses. Millions of companies-from the world's largest enterprises to the most ambitious startups-use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.
About the team

We're creating an entirely new payments platform, built with stablecoins, to simplify global money movement. Bridge enables faster, cheaper payments and borderless access to dollars via stablecoins. Through our APIs, businesses can send and receive funds across borders faster and cheaper vs. SWIFT and other fiat-only rails. Our virtual accounts enable international consumers and businesses to easily access, store, and spend US dollars. Our payouts infrastructure enables platforms to disburse USD to anyone globally. We believe many trillions of dollars will move and settle through stablecoin payment rails. Bridge is pulling this future forward.

We have a small team of people who have previously built financial infrastructure at some of the world's leading companies (Coinbase, Stripe, Square, Brex, Upstart, DoorDash, Airbnb), and each and every one of them chose Bridge because they fundamentally believe that stablecoins will be a critical piece of financial infrastructure that allows for the improvement of global money movement.
What you'll do

We're hiring a Security Analyst and Program Manager to build and scale the Bridge security foundation. This is a rare opportunity to design the security governance, risk, and compliance programs from the ground up, while also leveraging the infrastructure, best practices, and tooling of one of the most mature security organizations in the industry.
Responsibilities

• Design and implement Bridge security governance, risk, and compliance roadmaps from first principles to production.
• Identify and tackle the most important Bridge security risks quickly and pragmatically.
• Adopt Stripe programs, controls, and processes where it makes sense, and find custom approaches where it doesn't.
• Lead risk assessment, control design, and testing for all security and technology oversight globally.
• Reinforce engineering best practices around secure development and infrastructure.
• Ensure Bridge meets compliance and audit expectations as we scale to more regulated markets.
• Collaborate cross-functionally with engineering, product, and the Stripe security organization to move fast without compromising safety.

Who you are
Minimum requirements

• 8+ years of experience in Security GRC.
• Proven experience with regulatory audits from global auditors across security domains.
• Proficiency with NIST CSF, the OCC Cybersecurity Supervision Work Program, the FFIEC IT Examination Handbook, or other similar global frameworks.

Preferred qualifications

• Experience in fast-paced startup environments, building security practices from the ground up.
• Startup mindset-scrappy, pragmatic, and quick to solve the most critical problems.
• Comfort with ambiguity and ability to ruthlessly prioritize.
• Ability to balance security rigor with speed, especially in fast-moving environments.
• Clear communication across technical and non-technical stakeholders.
• Experience building or scaling security programs at a startup or in an embedded role.
• Interest in the potential of crypto and stablecoins to power global financial infrastructure.