Information Security Engineer in Beijing, China at PayPal

At PayPal (NASDAQ: PYPL), we believe that every person has the right to participate fully in the global economy. Our mission is to democratize financial services to ensure that everyone, regardless of background or economic standing, has access to affordable, convenient, and secure products and services to take control of their financial lives.

TPX (Technology, Platform and Experience) China is part of the PayPal Global TPX organization, which holds a very large portfolio of infrastructure and platform technology. It includes everything from data centers to developer experience and all aspects like security, reliability, quality, productivity, modernization, enablement and efficiency. The strategy of TPX China is to articulate the believes, principles, initiatives and achievements in order to serve the PayPal operation in China.

This position will help GoPay ECS team to manage whole application security related work, including but not limited to application security design, SDLC, application vulnerability scanning, app reverse engineering, etc.

• Engage with product and developers to conduct security reviews and define security requirements.
• Mentor junior members of the team and act as a subject matter expert for application security issues.
• Conduct threat modelling and risk analysis to identify exposure and develop mitigation plans
• Manage security integration into the CI/CD pipeline
• Support manual and automated code coverage efforts across all our code base Manage integration with manual and automated tools for static and dynamic testing
• Establish metrics and reporting to track coverage and effectiveness of security processes.
• Engage with product and developers to conduct security reviews and define security requirements.

What we’re looking for:

• Strong experience in web and mobile application security issues
• Strong experience in distributed platform development security and design In-depth knowledge of web and mobile security standards and best practices (OWASP, etc.)
• Strong foundation in core information security principles and concepts (HTTPS, TLS, OAuth, etc.)
• Experience with industry tools and technologies such as Burp, Metasploit, etc.
• Working knowledge of common languages such as Python, GO, Javascript, Java, etc.
• Familiarity with audits and standards requirements such ISO 27001, PCI DSS, SOC 1 & 2, MLPS,etc.
• Proven expertise in enterprise-grade and web scale security solutions Excellent communication skills
• Ability to explain complex security topics in simple terms
• Ability to lead and project manage multiple security initiatives
• A good team player who is self-motivated and well organized

Our Benefits:

At PayPal, we’re committed to building an equitable and inclusive global economy. And we can’t do this without our most important asset—you. That’s why we offer benefits to help you thrive in every stage of life. We champion your financial, physical, and mental health by offering valuable benefits and resources to help you care for the whole you.

We have great benefits including a flexible work environment, employee shares options, health and life insurance and more. To learn more about our benefits please visit https://www.paypalbenefits.com

Who We Are:

Click Here to learn more about our culture and community.

PayPal has remained at the forefront of the digital payment revolution for more than 20 years. By leveraging technology to make financial services and commerce more convenient, affordable, and secure, the PayPal platform is empowering more than 400 million consumers and merchants in more than 200 markets to join and thrive in the global economy. For more information, visit paypal.com.

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at paypalglobaltalentacquisition@paypal.com.

As part of PayPal’s commitment to employees’ health and safety, we have established in-office Covid-19 protocols and requirements, based on expert guidance. Depending on location, this might include a Covid-19 vaccination requirement for any employee whose role requires them to work onsite. Employees may request reasonable accommodation based on a medical condition or religious belief that prevents them from being vaccinated.

R0086884