PayPay is looking for a DevSecOps Engineer to work with our development teams on maintaining the security of our payment system to deliver the best payment experience for our customers.
PayPay DevSecOps focuses on the automation of security configuration, testing, verification and monitoring. A strong candidate will have a good understanding of security best practices as well as an understanding of how to apply those principles to systems at scale following the DevOps methodology.
Essential Duties and Responsibilities
- Security architecture reviews and threat modeling of existing and upcoming projects.
- Training of PayPay development staff on security best practices and its practical application.
- Implementing and maintaining automated security solutions such as configuration management, vulnerability testing, logging, monitoring and incident responses.
- Supporting automation with manual testing and review where required.
- Working in a fast paced environment where projects and prioritization may change frequently but maintaining a secure product is a requirement for all team members.
- Minimum of four years of security focused experience
- Experience leading projects tasked with improving product security and or DevOps security
- Minimum of three years experience with:
- Java and Python
- ELK, Kafka, Redis
- Docker, Kubernetes and OCIs
- Basic working knowledge of AWS EC2 and IAM
- Experience with security Android and iOS Applications
- ArgoCD, CircleCI Github Actions, Jenkins, Snyk, SonarQube
- MySQL/AuroraDB, DynamoDB, Neo4J
- KMS, Secrets Manager, WAF, Networking (VPC & Subnets)
7 to 15 million JPY annually.