Senior Application Security Engineer in San Jose at PayPal

Date Posted: 4/22/2018

Job Snapshot

Job Description

Fueled by a fundamental belief that having access to financial services creates opportunity, PayPal (NASDAQ: PYPL) is committed to democratizing financial services and empowering people and businesses to join and thrive in the global economy. Our open digital payments platform gives PayPal’s 210 million active account holders the confidence to connect and transact in new and powerful ways, whether they are online, on a mobile device, in an app, or in person. Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.

PayPal Application Security team is a specialized unit within the Information Security organization, which consists of a dedicated set of people who focus on collaboration and dedicated to excel in the field of Application Security. We are constantly learning, innovating and implementing the best practices which fits our business environment. This team works on the latest and greatest of the products that are built, which means working on the latest technologies. Many of such projects can be of highly sensitive nature which means trust, values and integrity are core to the team and its members.

If you are a dynamic, motivated security professional with a passion for application security, and looking to get your career to new heights, this is the job for you!

Senior Application Security Engineer

PayPal Application Security team is a specialized unit within the Information Security organization, which consists of a dedicated set of people who focus on collaboration and dedicated to excel in the field of Application Security. We are constantly learning, innovating and implementing the best practices which fits our business environment. This team works on the latest and greatest of the products that are built, which means working on the latest technologies. Many of such projects can be of highly sensitive nature which means trust, values and integrity are core to the team and its members.

If you are a dynamic, motivated security professional with a passion for application security, and looking to get your career to new heights, this is the job for you!


Some of the tasks we are currently undertaking with our Secure Product LifeCycle (SPLC) development and deployment include the following but are in no way all encompassing. We hope you’ll be able to identify more and recommend actions to make improvements:  

  • Develop, recommend, evaluate, integrate, deploy, and enforce security tools including static, binary and dynamic analyzers, fuzzers, security frameworks, etc.
  • Implement AppSec tooling and integration for various business units in alignment with our core SPLC strategy
  • Drive the adoption of NextGen AppSec initiatives like CSP
  • Evaluate software security products and technologies
  • Provide information security consulting services to internal development groups
  • Work with other information security groups to provide technical expertise on AppSec matters
  • Participate in the development, review and update of application security standards
  • Perform code review and drive remediation of issues discovered

In a nutshell, we need you to make it very hard for PayPal’s developers to make security mistakes!

A natural partner to the SPLC strategies, processes, and procedures is security awareness. Promoting InfoSec awareness internally and externally makes for a well-rounded security professional. That’s why we are also looking to you to

  • Develop, track, and automate reporting of software security metrics for various business units and align it with the centralized AppSec Scorecard
  • Deliver external security talks and represent PayPal Inc. in the security community
  • Maintain knowledge of security and privacy laws, industry best practices, changes in technology, and advice on the impact for PayPal Inc.

We welcome a wide variety of skill sets and interesting backgrounds but for this senior-level role, the following are our minimum requirements:

  • 5+ years of experience coding and building security applications
  • 3+ years of experience with security frameworks, APIs, libraries, etc.
  • Experience with using, tuning and rolling out security tools like Fortify, AppScan, etc.

Languages: Java, Python, Node.js



We're a purpose-driven company whose beliefs are the foundation for how we conduct business every day. We hold ourselves to our One Team Behaviors which demand that we hold the highest ethical standards, to empower an open and diverse workplace, and strive to treat everyone who is touched by our business with dignity and respect. Our employees challenge the status quo, ask questions, and find solutions. We want to break down barriers to financial empowerment. Join us as we change the way the world defines financial freedom.

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities.

R0027184

CHECK OUT OUR SIMILAR JOBS

  1. Software Engineer Jobs
  2. Project Engineer Jobs