Cloud Infrastructure Security Engineer

PayPay is looking for a self-driven and motivated AWS SecOps (Platform Security) Engineer to help secure our payment platform. Our Platform/infrastructure is mainly based on AWS and GCP.

Responsibilities

• Security Architecture reviews and re-design of existing AWS and GCP infrastructure.
• Security Architecture reviews and design of new AWS and GCP infrastructure.
• Design and enforce secure infrastructure deployment and deployment flows.
• Perform Infrastructure security testing and patching to keep up with recent security implementation and best practices.
• Evaluating and Implementing new security technologies such as vulnerability testing, logging, monitoring and incident responses and maintaining them.
• Working in a fast paced environment where projects and prioritization may change frequently, security will always remain.

Tech Stack

• AWS: AM, VPC, KMS, EC2, CloudTrail, SecurityHub, GuardDuty, RDS, EKS, Elasticsearch, Elasticache and others
• GCP: BigQuery, Storage & Google Analytics
• TCP Networking, SSL/TLS, Key Management Systems
• MySQL/AuroraDB, DynamoDB, ELK, Kafka, Redis, TiDB
• Terraform, Jenkins, Github Actions
• Snyk, Snort,
• PlantUML, Cloudcraft
• Slack, Zoom

Requirements

• Minimum of 3 years of demonstrated experience security over 200+ servers in a public facing, production environment doing the following:
• PayPay DevOps emphasizes automation. Demonstrated skill with Python and Shell Scripting is required
• Initial verification, design and implementation of security in AWS using the following AWS Services:
  • IAM, VPC, KMS, EC2, CloudTrail, SecurityHub and GuardDuty
  • Automated security monitoring and incident response in AWS
  • IAC tools in AWS such as Terraform, Ansible
• Securing Kubernetes and microservice architectures
• Securing common Linux based infrastructure (primarily Amazon Linux and Ubuntu based)
• Securing data systems such as RDS (e.g. MySQL, Aurora), NoSQL (e.g. Redis, Elasticsearch, Cassandra), and MQ (e.g. Kafka)
• Experience with git and CI/CD tools such as Jenkins and ArgoCD
• Motivated to work with the platform and infrastructure for modern system using micro-service architecture

Nice to haves

These aren’t required, but be sure to mention them in your application if you have them.

• Experience with other cloud service providers (e.g GCP)
• Experience managing Microsoft Windows servers
• CVE Contributions
• Open Source tools contributions
• Published papers / blogs / articles
• Relevant and verifiable certifications
• JNLP Level 3 or above

Compensation