Information Security Engineer in Scottsdale at PayPal

Date Posted: 11/1/2018

Job Snapshot

Job Description

Fueled by a fundamental belief that having access to financial services creates opportunity, PayPal (NASDAQ: PYPL) is committed to democratizing financial services and empowering people and businesses to join and thrive in the global economy. Our open digital payments platform gives PayPal’s 254 million active account holders the confidence to connect and transact in new and powerful ways, whether they are online, on a mobile device, in an app, or in person. Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.

The PayPal Penetration Testing team is a specialized unit within Information Security, which consists of a dedicated people who are masters at collaboration and dedicated to excelling in the field of Offensive Security. This team works on the latest and greatest PayPal products, which means working on the latest technologies. Many projects are highly sensitive in nature which means trust, honesty, and integrity are core to the team and its members.

PayPal, the leading global online payment company, is the faster, safer way to pay and be paid online, via a mobile device and in shops. The service allows people to send money without sharing financial information, with the flexibility to pay using their account balances, bank accounts, credit cards or promotional financing. With 180 million active accounts in over 200 markets and 26 currencies around the world, PayPal enables global commerce.

Every day at PayPal, we are changing the way the world does business by challenging the status quo, innovating and enabling business between millions of people across the globe. We build new products to drive worldwide commerce; be it the next mobile payments solution, or a high-availability money-movement platform. PayPal continues to push the boundaries of technology by investing in individuals who passionately believe in the potential of innovative technologies to effect change.

Are you looking to join a team of talented, creative security professionals? You'll be performing engagements on PayPal web and mobile applications, infrastructure, and core assets to discover weaknesses and vulnerabilities, and delivering custom remediation recommendations and education. We are looking for an experienced, motivated engineer to join our team to enhance our security posture and protect our 250 million customers.


  • Perform penetration tests on:

              Applications, tools and environments that drive PayPal’s business

              Mobile applications, in both Android and iOS environments

  • Perform compliance tests on web applications and APIs written in a wide variety of backend languages
  • Manually verify salient findings from automated tools to lower the number of false positives
  • Work with Third Party security assessment vendors by guiding, validating, and recommending evaluations
  • Track and drive issue remediation
  • Maintain knowledge of security and privacy laws, industry best practices, changes in technology, and advise on the impact for PayPal
  • Collaborate on solutions to mitigate risks and enhance system security
  • Assist external auditors, regulatory auditors and other 3rd parties as needed
  • Assist in company-wide security initiatives
  • Work collaboratively with developers and management to support issues and drive closure

Job Requirements

  • 2 years of experience in penetration testing
  • Ability to use critical thinking skills to find and drive solutions
  • At least 1 year of experience in programming/scripting language.
  • Knowledge of system security vulnerabilities and remediation techniques
  • Experience in Mobile Application Penetration testing a plus
  • Bachelor’s Degree or a final year student
  • Knowledge of industry standard security regulations, policies, and procedures for information systems a plus
  • Ability to work independently with minimal supervision
  • Ability to earn the trust and respect of colleagues both in and outside of the Information Security team
  • Proven track record of having excellent analytical skills and being results-oriented 
  • Excellent communication (both written and verbal) and teamwork skills
  • Proven ability to maintain a high level of discretion and personal integrity in the exercise of duties, including the ability to professionally address confidential matters

Preferred Experience

  • At least one certification such as OSCP, OSCE, Licensed Penetration Tester (LPT), CISSP, or related
  • 1 year of web application penetration testing experience
  • Top placement in CTF competitions
  • Experience editing documents for grammar, clarity, and technical accuracy

We're a purpose-driven company whose beliefs are the foundation for how we conduct business every day. We hold ourselves to our One Team Behaviors which demand that we hold the highest ethical standards, to empower an open and diverse workplace, and strive to treat everyone who is touched by our business with dignity and respect. Our employees challenge the status quo, ask questions, and find solutions. We want to break down barriers to financial empowerment. Join us as we change the way the world defines financial freedom.

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities.