Staff Fullstack Engineer, User Auth Experience

<h2>Who we are</h2> <h3>About Stripe</h3> <p><span style="font-weight: 400;">Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career.</span></p> <h3>About the team</h3> <p>The User Auth Experience (UAX) team makes authentication and account security at Stripe world-class—secure by default, frictionless for legitimate users, and resilient against evolving threats. We own the end-to-end login, registration, and session management experience for the Stripe Dashboard, and we're expanding that security foundation to every surface where users and agents interact with Stripe.</p> <p>We improve security, access, and usability simultaneously—without compromising any of the three. Our scope spans account takeover prevention, API key security, auth for AI agents, and a two-party approvals framework governing both human and automated actions.</p> <p>The team sits within OAP (Organizations and Auth Platform) in the DEeP (Developer Experience and Product Platform Engineering) organization at Stripe.</p> <h2>What you’ll do</h2> <p>As a Staff Engineer on UAX, you'll set technical direction across multiple areas of the team's charter, drive architecture decisions that affect millions of users, and lead initiatives that span multiple organizations. You'll operate at the intersection of security and product—designing systems where the safe path is the default path, and navigating the tension between stronger security and lower user friction.</p> <p>You'll own the technical vision for one or more of our platform bets—extending our risk-scoring framework from login to API-layer anomaly detection, evolving our step-up challenge platform to serve multiple Stripe surfaces, or defining Stripe auth primitives for the agentic era (agent principals, approval rules, MCP human-in-the-loop). These are multi-year arcs that require someone who can hold the long-term architecture while shipping incrementally.</p> <p>You'll also directly build risk-dynamic enforcement pipelines, full-stack approval flows, API key protection UX, and the analytics infrastructure that measures our impact. This is a hands-on role with architectural leverage—you'll write code, review designs, and shape how partner teams integrate with our security primitives</p> <h3>Responsibilities</h3> <ul> <li style="font-weight: 400;"><span style="font-weight: 400;">Own the technical architecture for a major area of the team's charter&nbsp;</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Design and ship systems that serve multiple Stripe surfaces—building generalized primitives, not point solutions&nbsp;</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Drive cross-org technical alignment on shared security infrastructure&nbsp;</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Make effective tradeoffs that consider security posture, user friction, and sustainable technical foundations&nbsp;</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Mentor and grow engineers on the team&nbsp;</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Raise the bar for design rigor, operational excellence, and code quality&nbsp;</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Shape the team's multi-year roadmap through technical foresight and principled prioritization</span></li> </ul> <h2><strong>Who you are</strong></h2> <p><span style="font-weight: 400;">We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement.</span></p> <h3>Minimum requirements</h3> <ul> <li style="font-weight: 400;">12+ years of experience in full-time software development roles</li> <li style="font-weight: 400;">Experience as a technical lead by guiding your team, influencing its roadmap, and overseeing complex projects spanning multiple teams</li> <li style="font-weight: 400;">Experience in both frontend and backend, with strong ability to work as a generalist across the stack</li> <li style="font-weight: 400;">Thrive in a collaborative environment with other teams to identify high-impact ways of solving problems</li> <li style="font-weight: 400;">Excellent oral and written communication</li> </ul> <h3><strong>Preferred qualifications</strong></h3> <ul> <li style="font-weight: 400;"><span style="font-weight: 400;">You strive for simple solutions and designs over complex ones, and have a good intuition for what will last and scale well&nbsp;</span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Deep expertise in authentication and authorization systems—SSO, MFA, passkeys and WebAuthn, OAuth, session management, or API key security </span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Experience building risk-based or adaptive security systems (anomaly detection, step-up auth, fraud prevention) </span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Strong understanding of IAM concepts, including RBAC, identity governance, SCIM, delegated auth, or approval workflows </span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Experience defining auth or security primitives for programmatic consumers (APIs, agents, and SDKs)—not just human-facing UI </span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Experience building scalable, resilient, and observable systems while understanding UX best practices for the frontend </span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">You put yourself in the shoes of your users to understand their needs and fit that into the bigger picture </span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">You stitch together many different services and processes, even if you haven't worked with them before </span></li> <li style="font-weight: 400;"><span style="font-weight: 400;">Experience building software for fellow developers</span></li> </ul>