The PayPay Product Security team is seeking Application Security (AppSec) engineers to work with our development teams on maintaining the security of our services.
PayPay Product Security team is responsible for driving the application security and infrastructure security changes within the product division - the part of PayPay responsible for development and operations of the PayPay app. Specifically AppSec engineers focus on supporting our development teams through discovery, knowledge sharing and the automation of security configuration, testing, verification and monitoring. A strong candidate for AppSec engineer will have a good understanding of software security best practices as well as an understanding of how to apply those principles to systems at scale following the DevOps methodology.
Responsibilities
- Working closely with Security Champions and teams on implementation of security best practices
- Supporting development teams throughout Secure SDLC (design and architecture review, code reviews, manual security assessments)
- Introducing systemic improvements to software security at PayPay (automation, processes, guidelines, secure libraries)
- Maintaining up to date knowledge of security best practices
- Assist threat modeling of existing and upcoming products and systems
- Training and mentoring of PayPay staff on security best practices and its practical application
- Maintaining automated systems to assist teams with assessing current security status
- Working in a fast paced environment where projects and prioritization may change frequently but maintaining a secure product is a requirement for all team members
Requirements
- 3+ years of product security experience
- Experience leading projects tasked with improving product security and/or DevOps security
- Strong teamwork skills and the ability to collaborate with others in a diverse environment
- Enjoy taking up a challenge and driving it to conclusion
- Have excellent written, verbal and interpersonal communication skills.
Nice to haves
While not specifically required, tell us if you have any of the following.
- One or more of Javascript/Typescript, Kotlin, Scala and Java
- Experience with securing Android and iOS Applications
- Experience with microservice-based and cloud-native applications
- Experience working in a security position within the fintech industry
- Bilingual in English and Japanese
Compensation
7 to 14 million JPY annually.