Product Security Engineer

What you need to know about the role:

As a Product Security Engineer in the PayPal Cyber and Information Cyber Security (PCIS) team, will develop, deliver and maintain innovative core products and services that enable PayPal to serve its customers with revolutionary security. This role will give the opportunity to develop skills, collaborate across teams and continue learning in a rapidly changing environment. Security automations, Application Security CI Integrations

Meet our team:

This role will work closely with different teams within cyber security and line of business partners building Application security and driving high impact security and technology changes. This role will have opportunities to keep up with current and emerging threats in the industry and latest bleeding edge tech to identify gaps or areas to improve upon in cyber security.

• Implement Next Gen platform security products to enable PayPals product development.
• Analyze potential threats and vulnerabilities to our systems, applications, and processes.
• Collaborate with Security Engineers, Product Manager and other teams to deliver high quality product.
• Respond to Incidents, includes independently completing root-cause analysis and diagnosis.
• Stay up to date with the latest security trends, technologies, vulnerabilities, and attacks, and incorporate this knowledge into threat models.

• 2-4 years of practical experience in software engineering , showcasing proficiency in creating automated solutions , with a preference for a background in CyberSecurity .
• Strong hands-on design development experience with proficiency in at least one of the languages such as Java, Node.js, Python.
• Familiarity with any of the application security tools is a plus : SAST, SCA, DAST, API Security.
• Working knowledge of Linux, Git, Docker, Kubernetes.
• Experience in identifying and remediating common application security vulnerabilities such as OWASP Top 10 .
• Experience working with developers to communicate deficiencies and implement security measures.
• Experience building and deploying applications using continuous integration pipelines and automated deployment tools such as Jenkins, Harness or Github Actions .
• Strong team player who can also work autonomously and take initiative when needed.
• Experience with observability tools like Splunk or Datadog preferred , particularly demonstrating ability to effectively monitor, analyze and derive insights from large-scale data