Description

: Essential Responsibilities:

Leverage specialized security expertise to identify and resolve complex security issues, recommending best practices and determining new approaches that have an impact on broader security operations, while aligning security strategies with business priorities

Partner across teams and key stakeholders to drive security initiatives, leading and solutioning complex projects and programs to strengthen overall security posture.

Apply advanced analytical skills and sound judgment to solve security challenges, considering diverse perspectives and innovative solutions. Stay current with industry trends and emerging technologies, understanding their security implications to the company’s context.

Directly contribute to improvements within the security domain and occasionally beyond, ensuring decisions lead to meaningful enhancements in security practices.

Leverage relationships across teams, both within and outside of security, to influence initiatives and integrate feedback into security processes.

Minimum Qualifications:

Minimum of 8 years of relevant work experience and a Bachelor's degree or equivalent experience.

Preferred Qualification: What you need to know about the role As a Staff Product Security Engineer in the PayPal Cyber & Information Security (PCIS) organization, you will work closely with product teams to embed security throughout the software development lifecycle. This senior role will provide the opportunity to develop new skills, collaborate across teams, mentor peers, and continue learning in a rapidly changing environment. Meet our team Our mission is to embed security into every phase of the product development lifecycle, recognizing that security promotes quality engineering. We strive to create a culture of security by empowering teams to take responsibility for securing their own code and environments. We do this by providing leaders and engineers with the visibility, tools, guidance, training, and support needed to create secure products and systems. We prevent, identify, and respond to critical vulnerabilities within our ecosystem, driving response to limit potential impact to the business. Your way to impact If you are think outside of the box, bring an extra edge to the table, and want to gain hands-on experience with a world-class team in the ever-changing field of product & application security, then please apply for this position! Your day-to-day Responsibilities will be tailored based on business need, experience, and interest. In your day-to-day role, you will: Provide consulting and advisement to software engineers on best practices, secure coding techniques, and vulnerability remediation

Support the development of new product features by conducting security design and code reviews, facilitating penetration tests, and contributing to threat models

Develop and support homegrown tooling that utilizes AI-powered large language models to scale and support product security reviews and governance

Implement, manage, and operate application security tools such as static and dynamic application security scanners

Respond to product security incidents

Analyze potential threats and vulnerabilities to our systems, applications, and processes

Collaborate closely with engineers, developers, and security teams to find security issues and mitigating controls

Document and automate incident response and vulnerability management run books

Stay up to date with the latest security trends, technologies, vulnerabilities, and attacks, and incorporate this knowledge into threat models and other workstreams

Essential experience & skills At least 5 years of experience in a software development or cyber security discipline

Strong programming experience in at least one language such as Ruby, Java, Python, JavaScript, Swift. Expect to spend time writing and reviewing code.

Experience with any of the following application security tools: SAST, DAST, API security scanners, WAF, software composition analysis

Knowledge of Kubernetes, terraform, and source code management systems such as git.

Hands on experience with at least one of the main cloud vendors (Amazon Web Services, Azure, Google Cloud Platform)

Experience working with developers to communicate deficiencies and implement security measures.

Experience in identifying and remediating common application security vulnerabilities such as OWASP Top 10 and a deep understanding of web application and mobile app vulnerabilities.

Excellent written and verbal communication skills.

Ability to work independently and as part of a team.

Ability to mentor and guide junior team members.

Strong understanding of authentication and authorization protocols, such as OAuth 2.0 and SAML. **We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don't hesitate to apply. Subsidiary: PayPal Travel Percent: 0 - PayPal is committed to fair and equitable compensation practices. Actual Compensation is based on various factors including but not limited to work location, and relevant skills and experience. The total compensation for this practice may include an annual performance bonus (or other incentive compensation, as applicable), equity, and medical, dental, vision, and other benefits. For more information, visit . The US national annual pay range for this role is $152,500 to $262,350 For the majority of employees, PayPal's balanced hybrid work model offers 3 days in the office for effective in-person collaboration and 2 days at your choice of either the PayPal office or your home workspace, ensuring that you equally have the benefits and conveniences of both locations. Our Benefits: At PayPal, we’re committed to building an equitable and inclusive global economy. And we can’t do this without our most important asset—you. That’s why we offer benefits to help you thrive in every stage of life. We champion your financial, physical, and mental health by offering valuable benefits and resources to help you care for the whole you. We have great benefits including a flexible work environment, employee shares options, health and life insurance and more. To learn more about our benefits please visit . Who We Are: to learn more about our culture and community. Commitment to Diversity and Inclusion PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state, or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at . Belonging at PayPal: Our employees are central to advancing our mission, and we strive to create an environment where everyone can do their best work with a sense of purpose and belonging. Belonging at PayPal means creating a workplace with a sense of acceptance and security where all employees feel included and valued. We are proud to have a diverse workforce reflective of the merchants, consumers, and communities that we serve, and we continue to take tangible actions to cultivate inclusivity and belonging at PayPal. Any general requests for consideration of your skills, please . We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don’t hesitate to apply.