Staff Cybersecurity Engineer at PayPal

Austin, Texas, United States -

Full Time

Start Date

Immediate

Expiry Date

02 Jan, 26

Salary

0.0

Posted On

04 Oct, 25

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Cybersecurity, Application Security, Secure Coding Practices, Vulnerability Remediation, Security Design, Architecture Reviews, Penetration Testing, Threat Modeling, Automation, Cloud Security, Programming, Kubernetes, Terraform, Git, OAuth 2.0, SAML

Industry

Software Development

Description

Leverage specialized security expertise to identify and resolve complex security issues, recommending best practices and determining new approaches that have an impact on broader security operations, while aligning security strategies with business priorities Partner across teams and key stakeholders to drive security initiatives, leading and solutioning complex projects and programs to strengthen overall security posture. Apply advanced analytical skills and sound judgment to solve security challenges, considering diverse perspectives and innovative solutions. Stay current with industry trends and emerging technologies, understanding their security implications to the company's context. Directly contribute to improvements within the security domain and occasionally beyond, ensuring decisions lead to meaningful enhancements in security practices. Leverage relationships across teams, both within and outside of security, to influence initiatives and integrate feedback into security processes. Lead and conduct security design, architecture, and code reviews, working directly with developers and product teams to ensure security is embedded throughout the SDLC. Influence product architecture and roadmap decisions to ensure security is treated as a core design element. Drive adoption of security standards and best practices across multiple product lines by mentoring engineers and providing scalable guidance. Identify systemic sources of security debt and drive initiatives to remediate and prevent recurrence. Scale security impact by developing automation and self-service tooling that enables teams to efficiently address security needs. Deliver targeted training and coaching that empowers teams to build securely at scale. Stay ahead of emerging threats and technologies, integrating learnings into threat models and product designs. Champion a culture of security by empowering teams to own and improve the security of their code and environments. Responsibilities will be tailored based on business need, experience, and interest. In your day-to-day role, here are some activities you may be involved in: Conduct security design and code reviews, facilitate penetration testing, and contribute to threat models. Partner with engineers on secure coding, vulnerability remediation, and defensive design patterns. Develop and support in-house tooling (including AI-driven solutions) to scale product security reviews and governance. Implement, manage, and operate application security tools (SAST, DAST, SCA, etc.). Respond to product security incidents, driving root cause analysis and mitigation. Collaborate with developers and platform engineers to identify vulnerabilities and apply mitigating controls. Minimum of 8 years of relevant work experience and a Bachelor's degree or equivalent experience. 8+ years of experience in software development, application security, or cybersecurity, with proven ability to influence architecture and design decisions. Expertise in application security vulnerabilities (e.g., OWASP Top 10) and secure coding practices. Track record of partnering with developers to remediate vulnerabilities and implement robust security controls. Strong written and verbal communication skills, with the ability to influence both technical and executive audiences. Experience mentoring and developing engineers. Experience with application security tools (SAST, DAST, SCA, WAF, Burp Suite). Strong programming experience in at least one language such as Ruby, Java, Python, JavaScript, or Swift. Knowledge of Kubernetes, Terraform, and version control systems such as Git. Hands-on experience with at least one major cloud vendor (AWS, Azure, GCP). Strong understanding of authentication and authorization protocols (OAuth 2.0, SAML). This senior role will provide the opportunity to develop new skills, collaborate across teams, mentor peers, and continue learning in a rapidly changing environment.

Responsibilities

Identify and resolve complex security issues while aligning security strategies with business priorities. Lead security initiatives and conduct security design, architecture, and code reviews to ensure security is embedded throughout the software development lifecycle.