Staff Fullstack Engineer, User Auth Experience
About the role
Who we are About Stripe Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career. About the team The User Auth Experience (UAX) team makes authentication and account security at Stripe world-class—secure by default, frictionless for legitimate users, and resilient against evolving threats. We own the end-to-end login, registration, and session management experience for the Stripe Dashboard, and we're expanding that security foundation to every surface where users and agents interact with Stripe. We improve security, access, and usability simultaneously—without compromising any of the three. Our scope spans account takeover prevention, API key security, auth for AI agents, and a two-party approvals framework governing both human and automated actions. The team sits within OAP (Organizations and Auth Platform) in the DEeP (Developer Experience and Product Platform Engineering) organization at Stripe. What you’ll do As a Staff Engineer on UAX, you'll set technical direction across multiple areas of the team's charter, drive architecture decisions that affect millions of users, and lead initiatives that span multiple organizations. You'll operate at the intersection of security and product—designing systems where the safe path is the default path, and navigating the tension between stronger security and lower user friction. You'll own the technical vision for one or more of our platform bets—extending our risk-scoring framework from login to API-layer anomaly detection, evolving our step-up challenge platform to serve multiple Stripe surfaces, or defining Stripe auth primitives for the agentic era (agent principals, approval rules, MCP human-in-the-loop). These are multi-year arcs that require someone who can hold the long-term architecture while shipping incrementally. You'll also directly build risk-dynamic enforcement pipelines, full-stack approval flows, API key protection UX, and the analytics infrastructure that measures our impact. This is a hands-on role with architectural leverage—you'll write code, review designs, and shape how partner teams integrate with our security primitives Responsibilities Own the technical architecture for a major area of the team's charter Design and ship systems that serve multiple Stripe surfaces—building generalized primitives, not point solutions Drive cross-org technical alignment on shared security infrastructure Make effective tradeoffs that consider security posture, user friction, and sustainable technical foundations Mentor and grow engineers on the team Raise the bar for design rigor, operational excellence, and code quality Shape the team's multi-year roadmap through technical foresight and principled prioritization Who you are We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement. Minimum requirements 12+ years of experience in full-time software development roles Experience as a technical lead by guiding your team, influencing its roadmap, and overseeing complex projects spanning multiple teams Experience in both frontend and backend, with strong ability to work as a generalist across the stack Thrive in a collaborative environment with other teams to identify high-impact ways of solving problems Excellent oral and written communication Preferred qualifications You strive for simple solutions and designs over complex ones, and have a good intuition for what will last and scale well Deep expertise in authentication and authorization systems—SSO, MFA, passkeys and WebAuthn, OAuth, session management, or API key security Experience building risk-based or adaptive security systems (anomaly detection, step-up auth, fraud prevention) Strong understanding of IAM concepts, including RBAC, identity governance, SCIM, delegated auth, or approval workflows Experience defining auth or security primitives for programmatic consumers (APIs, agents, and SDKs)—not just human-facing UI Experience building scalable, resilient, and observable systems while understanding UX best practices for the frontend You put yourself in the shoes of your users to understand their needs and fit that into the bigger picture You stitch together many different services and processes, even if you haven't worked with them before Experience building software for fellow developers
Similar Jobs
Staff Fullstack Engineer, User Auth Experience
About the role
Who we are About Stripe Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world’s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone’s reach while doing the most important work of your career. About the team The User Auth Experience (UAX) team makes authentication and account security at Stripe world-class—secure by default, frictionless for legitimate users, and resilient against evolving threats. We own the end-to-end login, registration, and session management experience for the Stripe Dashboard, and we're expanding that security foundation to every surface where users and agents interact with Stripe. We improve security, access, and usability simultaneously—without compromising any of the three. Our scope spans account takeover prevention, API key security, auth for AI agents, and a two-party approvals framework governing both human and automated actions. The team sits within OAP (Organizations and Auth Platform) in the DEeP (Developer Experience and Product Platform Engineering) organization at Stripe. What you’ll do As a Staff Engineer on UAX, you'll set technical direction across multiple areas of the team's charter, drive architecture decisions that affect millions of users, and lead initiatives that span multiple organizations. You'll operate at the intersection of security and product—designing systems where the safe path is the default path, and navigating the tension between stronger security and lower user friction. You'll own the technical vision for one or more of our platform bets—extending our risk-scoring framework from login to API-layer anomaly detection, evolving our step-up challenge platform to serve multiple Stripe surfaces, or defining Stripe auth primitives for the agentic era (agent principals, approval rules, MCP human-in-the-loop). These are multi-year arcs that require someone who can hold the long-term architecture while shipping incrementally. You'll also directly build risk-dynamic enforcement pipelines, full-stack approval flows, API key protection UX, and the analytics infrastructure that measures our impact. This is a hands-on role with architectural leverage—you'll write code, review designs, and shape how partner teams integrate with our security primitives Responsibilities Own the technical architecture for a major area of the team's charter Design and ship systems that serve multiple Stripe surfaces—building generalized primitives, not point solutions Drive cross-org technical alignment on shared security infrastructure Make effective tradeoffs that consider security posture, user friction, and sustainable technical foundations Mentor and grow engineers on the team Raise the bar for design rigor, operational excellence, and code quality Shape the team's multi-year roadmap through technical foresight and principled prioritization Who you are We’re looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply. The preferred qualifications are a bonus, not a requirement. Minimum requirements 12+ years of experience in full-time software development roles Experience as a technical lead by guiding your team, influencing its roadmap, and overseeing complex projects spanning multiple teams Experience in both frontend and backend, with strong ability to work as a generalist across the stack Thrive in a collaborative environment with other teams to identify high-impact ways of solving problems Excellent oral and written communication Preferred qualifications You strive for simple solutions and designs over complex ones, and have a good intuition for what will last and scale well Deep expertise in authentication and authorization systems—SSO, MFA, passkeys and WebAuthn, OAuth, session management, or API key security Experience building risk-based or adaptive security systems (anomaly detection, step-up auth, fraud prevention) Strong understanding of IAM concepts, including RBAC, identity governance, SCIM, delegated auth, or approval workflows Experience defining auth or security primitives for programmatic consumers (APIs, agents, and SDKs)—not just human-facing UI Experience building scalable, resilient, and observable systems while understanding UX best practices for the frontend You put yourself in the shoes of your users to understand their needs and fit that into the bigger picture You stitch together many different services and processes, even if you haven't worked with them before Experience building software for fellow developers