At PayPal (NASDAQ: PYPL), we believe that every person has the right to participate fully in the global economy. Our mission is to democratize financial services to ensure that everyone, regardless of background or economic standing, has access to affordable, convenient, and secure products and services to take control of their financial lives.
Job Description Summary: What you need to know about the role: As a senior information security DevSecOps engineer on the PayPal Enterprise Cyber Security (ECS) team, you will be a key member of a technical and hands on security team tasked with implementing and integrating the security tools and platforms with recently acquired business units. These efforts currently support the Happy Returns and ChargeHound business units, their product offerings, and the cloud infrastructure/services used. This security engineering team is responsible for designing, deploying, implementing, automating, and operationalizing security infrastructure, platforms, and toolsets with our business units and their engineering and software development efforts to meet PayPal security outcomes and business goals. In this role you will report directly to the Head of Information Security for Happy Returns and ChargeHound and work not only with your teammates, but also cross-functionally with various teams within Happy Returns, ChargeHound, and PayPal on all things related to information security, cybersecurity, and information assurance/compliance. Due to breadth of partners, you will work with, inclusivity of ideas, perspectives, and our diversity are important values that we champion.
Meet our team:
This role is with a relatively new, greenfield team composed of diverse individuals early in their career as well as seasoned veterans who have spent time fighting nation state actors (APTs), presented at DEFCON and other security conferences, conducted penetration tests on F100 companies, to helping companies restore and recover from data breaches. We are driven to learn, help each other grow personally & professionally, be inclusive, and help our business units, peers, and customers identify and manage their risks. We look forward to having you join us to round out the capabilities of our team, learn from you, and help you do the same.
This is a remote role in North America, working with remote team members in North America and peers around the world. When safe to do so and as business obligations require, some travel would be expected for real world incidents, site visits, practice exercises, meetings, conferences, and the like.
Your way to impact
You will actively take part in and lead the hands-on efforts to help protect and defend our network boundaries, keep computer, network, and cloud systems hardened against malicious activity, and provide security services that protect extremely sensitive customer information. Our Security Engineers work hands-on with all layers and pieces of the technology stack, actively monitor our systems for attacks and intrusions in both on-prem and cloud environments. You will use your experience to own, facilitate, and drive the resolution of complex security incidents, the implementation of security toolsets, the automation and operationalization of these toolsets to maximize our risk management capabilities as well as our return of investment (ROI), address policy questions, and resolve security issues of a technical nature. Additionally, you will also work with our software engineers to proactively identify and fix security flaws and vulnerabilities in our product and platform. Our security engineers work on a broad set of efforts focusing on scaling and automating security infrastructure and processes. We solve user and corporate security concerns, investigate security incidents, perform security gap analysis, build and integrate systems, conduct applied research, and implement novel technologies and architecture to deal with enterprise security across a diversity of computing platforms such as mobile and cloud. Our focus is to assess the newly acquired business unit’s security posture and toolsets, map out the needed capabilities while aligning with PayPal’ standards and compliance obligations, and work with the various stakeholders to implement, operationalize, and optimize.
What do you need to bring:
You should have at least 5 years of relevant industry experience in information security/cybersecurity. During that time, you should have hands on, in-depth experience, with a thorough understanding of the following:
+ Security monitoring and intrusion detection,
+ Managing the information security incident lifecycle, including incident response, mitigation, forensics, after-action reporting, and mapping a path forward.
+ Secure network design
+ Information security architecture, mitigation of threats, and compensating controls.
+ Applied cryptography and security protocols
+ Penetration testing and red teaming
+ Implementing and working with industry standards and guidelines relevant to the role and our industry, such as ISO, ITIL, NIST, SANS, CIS, ACIPA SOC1/SOC2/SOC3, and PCI.
We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Note that if you do not meet 100% of the qualifications listed, you should ignore that imposter syndrome and still seriously consider applying for the role. Studies show that you can still be considered for a role if you meet just 50% of the role’s listed requirements, with an even higher percentage if you include a cover letter. Please don't hesitate to apply.Colorado Only : The pay range for this position is as mentioned below per year, plus annual bonus. We take into consideration an individual’s background and experience in determining final salary. All PayPal employees are shareholders in our Company, so equity is part of our total compensation plan. This role is also eligible for health insurance, stock purchase plans, retirement savings benefits, stock awards, life insurance and disability benefits, and paid time off for sick leave, parental leave, vacation and PTO. To learn more visit paypalbenefits.com. This information is provided per the Colorado Equal Pay Act. Base pay information is based on market location.Colorado Salary in USD : $134385 - $166005
At PayPal, we’re committed to building an equitable and inclusive global economy. And we can’t do this without our most important asset—you. That’s why we offer benefits to help you thrive in every stage of life. We champion your financial, physical, and mental health by offering valuable benefits and resources to help you care for the whole you.
We have great benefits including a flexible work environment, employee shares options, health and life insurance and more. To learn more about our benefits please visit https://www.paypalbenefits.com
Who We Are:
To learn more about our culture and community visit https://about.pypl.com/who-we-are/default.aspx
PayPal has remained at the forefront of the digital payment revolution for more than 20 years. By leveraging technology to make financial services and commerce more convenient, affordable, and secure, the PayPal platform is empowering more than 400 million consumers and merchants in more than 200 markets to join and thrive in the global economy. For more information, visit paypal.com.
PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at [email protected]
As part of PayPal’s commitment to employees’ health and safety, we have established in-office Covid-19 protocols and requirements, based on expert guidance. Depending on location, this might include a Covid-19 vaccination requirement for any employee whose role requires them to work onsite. Employees may request reasonable accommodation based on a medical condition or religious belief that prevents them from being vaccinated.