Application Security Engineer

Who we are

 

At PayPal (NASDAQ: PYPL), we believe that every person has the right to participate fully in the global economy. Our mission is to democratize financial services to ensure that everyone, regardless of background or economic standing, has access to affordable, convenient, and secure products and services to take control of their financial lives. We’re a purpose-driven company, and our beliefs are the foundation of how we conduct business every day. We’re guided by our core values of Inclusion, Innovation, Collaboration, and Wellness. Collectively, these values inspire us to work together as One Team with our customers at the center of everything we do, and to take care of ourselves, each other, and the communities in which we live and work. We challenge the status quo, ask questions, and find solutions. Join us as we enable the hopes, dreams, and ambitions of millions of people around the world.

 

When applying for a job you are required to create an account, if you have already created an account - click Sign In.

Creating an account will allow you to follow the progress of your applications. Our system does have some requirements that will help us process your application, below are some guidelines for creation of your account:

• Provide full legal First Name/Family Name – this is important for us to ensure our future hires have the right system set up.
• Please Capitalize first letter of your First and Last Name.
• Please avoid using fully capitalized text for your First and/or Last Name.
• NOTE: If your name is hyphenated or has multiple capitalization, please use the same format as your government ID.

Job Description Summary:

Application Security Engineer

As an Application Security Engineer, you will be pivotal in driving secure coding and SDLC efforts including secure code reviews, project security reviews, penetration testing, and application scanning processes. You will be in the thick of it daily, driving bug remediation, meeting with project teams to identify and secure changes in new functionality and stay on the forefront of bug identification and patching efforts. You will partner with your fellow security engineers to keep Venmo growing while keeping us secure!

Job Description:

Venmo Sr. Application Security Engineer

Locations:

Scottsdale, AZ, or Austin, TX, or Chicago, IL

Venmo was founded on the principles of breaking down the intimidating barriers around financial transactions to make them intuitive, friendly, and even fun. And it worked: people love sending money with Venmo, and we’re growing by leaps and bounds!

But we’re only just getting started. We want to take that magic of sending money with Venmo and cascade it into every place where people use money. That means connecting people to their money in the most intuitive and fun way possible, then connecting people with each other. Users already love Venmo, but we know there are lots of things we haven’t thought of to make the experience of using Venmo even more delightful and valuable. All that’s going to take a lot of figuring out. Let’s figure it out together!

Information Security at Venmo

Join our highly proficient team of Security Engineers working to make Venmo more secure. Drive the building and adoption of new security tools and technologies while supporting day-to-day security activities from code reviews, vulnerability testing and remediation, incident handling and alerting and monitoring. Come join a team driven to improve the Venmo security posture through innovation, automation, and excellence.

Application Security Engineer

As an Application Security Engineer, you will be pivotal in driving secure coding and SDLC efforts including secure code reviews, project security reviews, penetration testing, and application scanning processes. You will be in the thick of it daily, driving bug remediation, meeting with project teams to identify and secure changes in new functionality and stay on the forefront of bug identification and patching efforts. You will partner with your fellow security engineers to keep Venmo growing while keeping us secure!

What You’ll Do

Support manual and automated code coverage efforts across our code base (iOS, Andriod, Platform, API, etc)

Manage security integration into the SDLC process and CI/CD pipeline

Identify areas for automation and tooling to increase security coverage

Engage with product managers and developers to conduct security reviews, identify risks and define security requirements

Establish metrics and reporting to track coverage and effectiveness of security processes

Manage our product security bug intake and remediation process

Mentor junior team members and act as a subject matter expert for application security issues

Collaborate on security initiatives and promote security standards across Paypal and Venmo

Conduct threat modelling and risk analysis to identify exposure and develop mitigation plans

Act as a representative for our Information Security program

What We’re Looking For

You must:

Be a good team player, self-motivated and well organized

Possess excellent verbal and written communication skills

Be able to explain complex security topics in simple and relatable terms

Be able to lead and project manage multiple security initiatives

You shall have:

Strong experience in web and mobile application security issues

Strong experience in distributed platform development security and design

In-depth knowledge of web and mobile security standards and best practices (OWASP, etc.)

Strong foundational knowledge of core security concepts (HTTPS, TLS, OAuth, etc.)

Experience with industry tools and technologies such as Burp, Metasploit, Fortify, etc.

Working knowledge of common languages such as Python, GoLang, Javascript, Java, etc.

Working knowledge of public cloud security deployment and implementation issues (AWS, GCP, Azure, Containers, Kubernetes, etc)

Expertise in enterprise-grade and web scale security solutions

Familiarity with audits and standards such ISO 27001, PCI DSS, SOC 2, etc.

Subsidiary:

PayPal

Travel Percent:

0

Primary Location:

Chicago - Merchandise Mart Plaza, Illinois, United States of America

Additional Locations:

Austin - W Parmer Ln, Scottsdale - N 90th St

For more than 20 years, PayPal has remained at the forefront of the digital payment revolution. By leveraging technology to make financial services and commerce more convenient, affordable, and secure, our open digital payments platform gives PayPal’s 400 million active account holders the confidence to connect and transact in new and powerful ways. Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying, or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom, enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at [email protected].