Staff Product Security Engineer

About The Position

Requirements

• 8+ years relevant experience and a Bachelor's degree OR Any equivalent combination of education and experience.
• 8+ years of experience in software development, application security, or cybersecurity, with proven ability to influence architecture and design decisions.
• Expertise in application security vulnerabilities (e.g., OWASP Top 10) and secure design practices.
• Proven experience driving global or enterprise-wide security initiatives or programs.
• Track record of partnering with developers to remediate vulnerabilities and implement robust security controls.

Nice To Haves

• Experience architecting and operating security review programs or equivalent governance initiatives.
• Hands-on familiarity with application security tools (SAST, DAST, SCA, WAF, Burp Suite).
• Strong programming experience in at least one language such as Ruby, Java, Python, JavaScript, or Swift.
• Knowledge of Kubernetes, Terraform, and version control systems such as Git.
• Hands-on experience with at least one major cloud vendor (AWS, Azure, GCP).
• Strong understanding of authentication and authorization protocols (OAuth 2.0, SAML).
• Experience with AI or ML security, including model security and data protection considerations.
• Strong written and verbal communication skills, with the ability to influence both technical and executive audiences.
• Experience mentoring and developing engineers.

Responsibilities

• Lead and evolve PayPal's Security Design Reviews and Security Champions programs, defining processes, tooling, and automation to enable scalable, high-quality reviews across all business units.
• Serve as the primary escalation point for complex product design and architecture reviews, guiding resolution of nuanced or high-risk issues.
• Define product architecture security strategy and drive the integration of security design practices into global engineering workflows.
• Determine methods and procedures for evaluating, prioritizing, and remediating security risks at scale.
• Deliver targeted training and coaching that empowers teams to build securely at scale.
• Partner with senior engineering and product leadership to influence technology direction, ensuring security is embedded in platform and product architecture decisions.
• Drive cross-functional, global initiatives that improve security posture and engineering efficiency, focusing on systemic risk reduction and process modernization.
• Lead the secure design and integration of AI and large language models (LLMs) in PayPal products and internal tooling.
• Develop and scale self-service security tooling, automation, and metrics for consistent program performance and visibility.
• Mentor and develop engineers across Product Security and the wider organization, fostering a culture of secure-by-design thinking.
• Stay ahead of emerging security technologies and threats, adapting program strategy to evolving risks and business priorities.

Benefits

• flexible work environment
• employee shares options
• health and life insurance