Please note that this site has updated features that do not run on older versions of Internet Explorer. For an optimal experience, please use another browser or the most recent version of IE.

Security Engineering Consultant-1 in Singapore at PayPal

Date Posted: 9/11/2020

Job Snapshot

Job Description

Fueled by a fundamental belief that having access to financial services creates opportunity, PayPal (NASDAQ: PYPL) is committed to democratizing financial services and empowering people and businesses to join and thrive in the global economy. Our open digital payments platform gives PayPal’s 305 million active account holders the confidence to connect and transact in new and powerful ways, whether they are online, on a mobile device, in an app, or in person. Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.

The Enterprise Cybersecurity Consulting team is seeking person with passion to perform security consultation for PayPal and bring in efficiency through Operational excellence on the security processes. The person would be responsible for guiding, enforcing, reviewing and approving security policy implementation in the new product rollout. Would also be responsible for analysing the existing processes and improving the same through Operational excellence lens. We are looking for a person to be a security champion with interest to constantly upgrade the knowledge on security products, processes and policies and always look for improvement opportunity.

Candidate’s Requirements

  • Person with bachelor's or master’s degree in computer science, Information Security, Information Systems or related.
  • 10+ years of experience on information security including consulting, security engineering and Security frontline activity would be required.
  • Experience in Financial domain working with high online presence global organization would be added advantage
  • Thorough knowledge on various security engineering tools and activity, Identity and access management, integrity, Data protection, Encryption, OWASP Security risk and Security operation is must. 
  • Ability to comprehend and understand various APAC regulatory requirements is must and past experience of working with regulators are added advantage.
  • Any security certifications from (ISC)2, ISACA, SANS or similar would be good to have
  • Ability to understand security policy and assess the product security posture with minimal available data.
  • Participation in hackerone, other organization bug bounty, hackathon would be a plus
  • Ability to work well within a team environment and an interest in deepening knowledge of information security principles
  • Ability and flexibility to work with Global team in Matrix organization setup and get the goals achieved through influence than authority
  • Demonstrated abilities to comprehend, discuss and apply concepts and theories within both overall Information Technology and Information Security fields.
  • Strong analytical skills along with necessary communication skills necessary to document the processes and actions taken to complete each assignment.
  • Fluency in Mandarin is added advantage. 

Job Objective

The security consultant role is to provide overall security consultation to all of PayPal for their day today security related request.  As part of product consultancy, one would be performing product review and make sure the products are in adherence to the PayPal security policies.  This is an internal consulting role to guide and ensure security posture of the organizations are met and are adherent to the PayPal security policy and local regulatory policies in each region.

Job Description

This is a senior individual contributor role that requires one to perform different types of responsibilities in the team, some of which are detailed here but not limited to them

Security Consultation

This responsibility is to be an internal security consultant to perform careful analysis of various security requirements, waiver/exception request, suggestions across different domains and Business units. Should provide right directions and consultations to meet the security posture of the organization.  Should be able to work with minimal information and take right decision without compromising on security or business.  Should liaison with multiple teams including Second line Infosec team, Audit team, architecture, infrastructure, engineering, product development, front line team and speak in their terms.  Should be able to handle both tactical security request and strategic security design decisions and architectural decisions by working closely with other location consulting team.  Knowledge of local regulatory requirement will be of primary importance.  

Application Security and Product Risk Review

This responsibility includes reviewing new product roll out in PayPal for their adherence to the security policies. Getting engaged with the product team at different stage of the program and helping the team to set right expectations on the security infrastructure and enabling them to deliver a secured product will be the primary responsibility.  This will also include consultation and suggestions on the design decision, framework, tools to be used from security perspective.  Constantly apprehend various security policy and helping team to adhere to them, driving SPLC in the product development and scan the product quality through various security scanning tools and threat model will all be driven by this consultant.  This is a partnership work and needs close interaction with multiple teams like policy team (Second line), product development team, Risk and compliance officers among the others.  This role comes with responsibility of performing final security review on the products to be launched. 

Operational Excellence

This responsibility includes analyzing existing security process and identifying ways to improve them.  Often run in a project mode working closely with the product and operations team and driving targeted improvements aligning to the north star statement.  This consultant should take the ownership of the initiative, work on them partnering with the team and transition to the domain owners.  This requires enabling the process owners to achieve the efficiency, reduce cost and improve productivity while reducing cybersecurity risk associated with the process.  This is implemented through various OE methodologies.

We're a purpose-driven company whose beliefs are the foundation for how we conduct business every day. We hold ourselves to our One Team Behaviors which demand that we hold the highest ethical standards, to empower an open and diverse workplace, and strive to treat everyone who is touched by our business with dignity and respect. Our employees challenge the status quo, ask questions, and find solutions. We want to break down barriers to financial empowerment. Join us as we change the way the world defines financial freedom.

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at