Please note that this site has updated features that do not run on older versions of Internet Explorer. For an optimal experience, please use another browser or the most recent version of IE.

Xoom Application Security Engineer in Guatemala City at PayPal

Date Posted: 9/25/2020

Job Snapshot

Job Description

Fueled by a fundamental belief that having access to financial services creates opportunity, PayPal (NASDAQ: PYPL) is committed to democratizing financial services and empowering people and businesses to join and thrive in the global economy. Our open digital payments platform gives PayPal’s 325 million active account holders the confidence to connect and transact in new and powerful ways, whether they are online, on a mobile device, in an app, or in person. Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.

As an Application Security Engineer on the Xoom Infosec Security team, you will be responsible for building security into all Xoom products end-to-end. You will have the opportunity to participate in the company’s product security initiatives end-to-end. Furthermore, you will be both hands-on technical and influential, where you will be expected to directly communicate with cross-functional teams in Product Management, Development, and DevOps/SRE to drive security throughout the entire product.

Your Career 

As an Application Security Engineer on the Xoom Infosec Security team, you will be responsible for building security into all Xoom products end-to-end. You will have the opportunity to participate in the company’s product security initiatives end-to-end. Furthermore, you will be both hands-on technical and influential, where you will be expected to directly communicate with cross-functional teams in Product Management, Development, and DevOps/SRE to drive security throughout the entire product.  As a thought leader in application security, you will report into the Xoom Security team, however will be deeply embedded in the Product Management and Engineering teams.


Your Responsibilities

  • Through close collaboration with product and engineering teams, ensure the adoption of SDLC and security best practices across the entire application lifecycle.
  • Define and implement security tooling in line with Xoom development processes with the goal of improving coverage and reducing time to action.
  • Improve security reporting, including coordinating vulnerability management, penetration testing, and infrastructure compliance.
  • You will have responsibilities for secure development methodologies and mechanisms for all Xoom products and services
  • Inform choices through a security lens for the entire development lifecycle, including design, coding & development, QA & security testing, and release
  • You will lead definition of SDLC and the software security maturity model
  • You will drive effective integration and adoption of best practices, latest methods & techniques in identifying design flaws and software issues


Your Experience

  • 8+ years of hands-on experience in application security, pen test, OWASP, security benchmarks, and automation
  • Security tooling and best practices, such as pre-commit/pre-receive hooks, dependency scanning, SAST, IAST, OSS, DAST, RASP, and vulnerability management, etc.
  • Demonstrated knowledge of security best practices, principles, and common security frameworks, such as NIST, ISO, Common Criteria, TCSEC, OWASP, etc.
  • In-depth knowledge of common application & network protocols, cryptographic technologies, public key infrastructure, common security threats, such as attack techniques, evasive techniques, and preventative & defensive methods
  • Strong understanding of methodologies and tools for threat analysis of complex systems, such as threat modeling and software fuzzing
  • Prior experiencing in implementing and integrating tools for static analysis, dynamic analysis, fuzzing, and penetration testing
  • Security tools benchmark and fine tuning
  • Experience in software security testing, methodologies, and frameworks
  • Microservice architecture expertise and best practices in securing APIs across multi-cloud environments
  • Hands-on experience in container-based deployments and orchestration tools (e.g. Kubernetes, Docker, EKS, GKE, Terraform)
  • Effective written and oral communication with multiple levels of leadership involving both the business and technical sides of the business


Education

  • Bachelor’s degree from four-year college or university; or equivalent training, education, and experience in information / cyber security, computer systems, IT, etc.

We're a purpose-driven company whose beliefs are the foundation for how we conduct business every day. We hold ourselves to our One Team Behaviors which demand that we hold the highest ethical standards, to empower an open and diverse workplace, and strive to treat everyone who is touched by our business with dignity and respect. Our employees challenge the status quo, ask questions, and find solutions. We want to break down barriers to financial empowerment. Join us as we change the way the world defines financial freedom.

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at paypalglobaltalentacquisition@paypal.com.

R0059364