|Preferred GIAC Certifications||GPYC, GCLD, GCSA|
As an information security DevSecOps engineer on the PayPal Enterprise Cyber Security (ECS) team, you will be a key member of a technical and hands on security team supporting the Happy Returns and ChargeHound business units, their product offerings, and the cloud infrastructure/services used. This security engineering team is responsible for designing, deploying, implementing, automating, and operationalizing security infrastructure, platforms, and toolsets with our business units and their engineering and software development efforts to meet PayPal security outcomes and business goals. In this role you will report directly to the Head of Information Security for Happy Returns and ChargeHound and work not only with your teammates, but also cross-functionally with various teams within Happy Returns, ChargeHound, and PayPal on all things related to information security, cybersecurity, and information assurance/compliance. Due to breadth of partners, you will work with, inclusivity of ideas, perspectives, and our diversity are important values that we champion.
You will actively take part in the hands-on efforts to help protect and defend our network boundaries, keep computer, network, and cloud systems hardened against malicious activity, and provide security services that protect extremely sensitive customer information. Security Engineers work hands-on with all layers and pieces of the technology stack and actively monitor our systems for attacks and intrusions in both on-prem and cloud environments. You will use your experience to own and drive the resolution of complex security incidents, the implementation of security toolsets (as well as the automation and operationalization of these toolsets to maximize our risk management capabilities as well as or return of investment (ROI), address policy questions, and resolve security issues of a technical nature. Additionally, you will also work with our software engineers to proactively identify and fix security flaws and vulnerabilities in our product and platform. Our security engineers work on a broad set of efforts focusing on scaling and automating security infrastructure and processes. We solve user and corporate security concerns, investigate security incidents, perform security gap analysis, build and integrate systems, conduct applied research, and implement novel technologies and architecture to deal with enterprise security across a diversity of computing platforms such as mobile and cloud.
What sets this team apart:
This role is with a new, greenfield team composed of diverse individuals early in their career as well as seasoned veterans who have spent time fighting nation state actors (APTs) to helping companies restore and recover from data breaches. We are driven to learn, help each other grow personally & professionally, be inclusive, and help our business units, peers, and customers identify and manage their risks. We look forward to having you join us to round out the capabilities of our team, learn from you, and help you do the same.
Note that if you do not meet 100% of the qualifications listed, you should ignore that imposter syndrome and still seriously consider applying for the role. Studies show that you can still be considered for a role if you meet just 50% of the role’s listed requirements, with an even higher percentage if you include a cover letter.