
Stripe
Mid
Build high-fidelity SIEM detections and lead threat hunts on Stripe's Proactive Threat team
Stripe is hiring a detection engineer for its Proactive Threat team, sitting at the intersection of offense and defense: writing detection-as-code across SIEM platforms, running hypothesis-driven threat hunts, and doing malware analysis to catch adversaries before they impact Stripe. The role wants 5+ years in detection engineering/threat hunting/SecOps, hands-on SIEM query experience (Splunk, Chronicle, Elastic, CrowdStrike NG-SIEM, Panther, Sentinel), and fluency in attacker TTPs across the full lifecycle. Based in Ireland, collaborating across US/Europe/Asia time zones.
Step into this interview
Free · a live voice mock calibrated to this exact role
What this interview tests
- Detection engineering across SIEM platforms and query languages (SPL/KQL/EQL/YARA-L)
- Adversary TTPs across the full attack lifecycle and MITRE ATT&CK mapping
- Hypothesis-driven threat hunting
- Operationalizing threat intelligence into detections
- Detection-as-code, automation, and tooling at scale
- Malware analysis / reverse engineering (secondary)
Common question themes
Walk through building a detection for a specific attacker TTP, including the actual query logic
How do you tune a detection to reduce false positives without losing coverage
Describe a hypothesis-driven threat hunt you ran that wasn't prompted by an alert
Tell me about turning a threat intel report into an operational detection or hunting lead
Describe automation or a pipeline you built to scale detection engineering
How do you map and prioritize detection coverage gaps against MITRE ATT&CK
Related interviews

Stripe
Senior
Data Scientist

Stripe
Mid
Data Scientist, Payments

Stripe
Mid
AI Engineer

Robinhood
Mid
Security Engineer, Detection & Response

Robinhood
Mid
Security Engineer, Detection & Response

Coinbase
Mid