Sr Product Security Engineer at PayPal

Austin, Texas, United States -

Full Time

Start Date

Immediate

Expiry Date

06 Feb, 26

Salary

0.0

Posted On

08 Nov, 25

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Application Security, Software Development, Programming, Security Scanners, Git, CI/CD Pipelines, OWASP, Web Application Vulnerabilities, Mobile App Vulnerabilities, Cloud Platforms, Data Structures, RESTful APIs, Containers, SQL, NoSQL, Industry Certifications

Industry

Software Development

Description

Independently apply security best practices to enhance and optimize systems, ensuring robust protection and efficiency, while beginning to understand and align security solutions with business objectives. Partner with peers and internal teams to drive security initiatives, contribute to cross-functional projects, and at times co-lead efforts to strengthen security posture. Analyze and resolve security challenges by adapting standard processes and exploring alternative approaches to address complex threats. Influence the quality, efficiency, and effectiveness of the team through informed decision-making, with a potential impact on other teams. Collaborate with other engineers to gather and incorporate feedback, driving continuous improvements in security processes. Leverage specialized security expertise to identify and resolve complex security issues, recommending best practices and determining new approaches that have an impact on broader security operations, while aligning security strategies with business priorities Partner across teams and key stakeholders to drive security initiatives, leading and solutioning complex projects and programs to strengthen overall security posture. Apply advanced analytical skills and sound judgment to solve security challenges, considering diverse perspectives and innovative solutions. Stay current with industry trends and emerging technologies, understanding their security implications to the company's context. Directly contribute to improvements within the security domain and occasionally beyond, ensuring decisions lead to meaningful enhancements in security practices. Leverage relationships across teams, both within and outside of security, to influence initiatives and integrate feedback into security processes. Define and improve application security in the SDLC, ensuring security is prioritized from inception to deployment. Develop and measure KPIs to report on the program's progress toward key objectives and goals Implement and Test Next Gen AppSec products as part of SDLC. Collaborate with Security Architects, Product Manager, Program Manager and other teams to deliver high quality products. Apply your technical expertise to guide the team in making intelligent and pragmatic design decisions. Help identify and develop ways to improve our team's efficiency by expanding on our existing tools and processes. Mentor junior engineers and interns as they develop their skills. 3+ years relevant experience and a Bachelor's degree OR Any equivalent combination of education and experience. At least 3 years of experience in application security or software development and a Bachelor's degree OR any equivalent combination of education and experience Programming experience in at least one language such as Java, Python, JavaScript, Ruby, Go A strong familiarity with application security scanners such as SAST, SCA, DAST Expert knowledge of Git, common CI/CD pipelines, and other standard developer tools Knowledge of OWASP top 10 and a deep understanding of web application and mobile app vulnerabilities. Experience with data structures, software design, RESTful APIs, containers, SQL & NoSQL - an advantage Working knowledge of major cloud platforms such as Google Cloud, AWS, Azure - an advantage. Industry certifications (e.g.,CISSP, CISM, CCSP, or equivalent) - an advantage. Familiarity with iOS, Android and browser SDK development - an advantage.

Responsibilities

Independently apply security best practices to enhance systems and align security solutions with business objectives. Collaborate with teams to drive security initiatives and resolve complex security challenges.