Application Security Engineer
Description For Application Security Engineer
PayPal is seeking an experienced Application Security Engineer to join their Threat Exposure Management team within Product Security. This role focuses on driving the vulnerability management lifecycle for PayPal's applications, emphasizing vulnerability identification through various testing methods including SAST, SCA, and Secrets scanning. The position combines technical security expertise with strategic thinking to protect PayPal's global financial technology infrastructure.
The ideal candidate will be responsible for analyzing vulnerabilities, implementing PayPal-specific prioritization, and coordinating with development teams for remediation. They will work in a modern approach to vulnerability management, incorporating multiple data sources to guide organizational security efforts. The role requires both technical depth in application security and strong communication skills to work with various stakeholders.
This position offers the opportunity to impact PayPal's security posture directly, working with cutting-edge security tools and methodologies. The team culture emphasizes continuous improvement and collaborative problem-solving. You'll be part of a team that values curiosity and innovation in addressing security challenges at scale.
The role combines hands-on technical work with strategic planning, requiring someone who can both understand complex security vulnerabilities and communicate their impact effectively to different audiences. You'll have the chance to influence security practices across one of the world's largest financial technology companies, working with modern tools and methodologies while helping to protect millions of users' financial transactions.
Responsibilities For Application Security Engineer
- Drive operational workflow around application security vulnerabilities
- Determine impact of vulnerabilities and communicate to stakeholders
- Provide updates on critical vulnerabilities and overall posture
- Collaborate to implement process improvements for vulnerability detection and mitigation
- Work with internal and external service providers
- Maintain forward-looking roadmap with leadership
- Provide consulting on secure coding techniques
- Document and automate vulnerability management runbooks
- Stay current with latest security trends and technologies
Requirements For Application Security Engineer
- 5+ years of experience in application security or software development
- Strong programming experience in Ruby, Java, Python, or JavaScript
- Experience with application security scans (SAST, DAST, API security)
- Experience working with developers on security measures
- Deep understanding of OWASP Top 10 and web/mobile vulnerabilities
- Excellent written and verbal communication skills
- Experience with vulnerability management platforms
- Familiarity with financial services regulations and security standards
- Experience working with large data sets
- Ability to mentor junior team members
- Cloud vendor experience is a plus (AWS, Azure, GCP)
- Industry certifications (CISSP, CISM, CCSP) are a plus
Jobs Related To PayPal Application Security Engineer
