MTS1, Information Security Engineer in Singapore, Singapore at PayPal

Job Description

Job Description

At PayPal (NASDAQ: PYPL), we believe that every person has the right to participate fully in the global economy. Our mission is to democratize financial services to ensure that everyone, regardless of background or economic standing, has access to affordable, convenient, and secure products and services to take control of their financial lives.
As a leader in the Enterprise Cyber Security (“ECS”) consulting team, this role will operate as a Technical Security consultant responsible for engaging with PayPal product development teams, solution engineers and architects, operations, and business units providing policy driven security review and consultation. The primary customers of this role are highly technical engineers and architects accountable for designing and deploying infrastructure and platform solutions for PayPal and the domain leaders. The engineer will be responsible for interacting with various stakeholders and providing updates to the senior leadership team. The role requires in depth knowledge of security concepts and controls used in practical application for cloud and on-premises deployments. The role includes but is not limited to participating in the engineering design and deployment of security controls, review of SaaS and on prem deployed (COTS) applications, review and consultation for network zone interconnectivity, review and consultation for data movement and cloud application deployments. The role also includes enforcing security policy, identifying risk, providing consultation on compensating controls and risk mitigation opportunities. The engineer will participate in continuous improvement efforts by engineering and implementing automation, process improvement to reduce redundancy and drive efficiency.

This role will specifically focus on Cloud Security professionals who has strong foundational knowledge and experience on CyberSecurity

Essential functions

Working daily on security review requests by responding to queries from technical engineering and architects, product owners, operations, business units and development teams

• Participate in the design of technical solutions and implementation methods providing security guidance and ensuring inclusion of security controls
• Analyze security related incidents and provide guidance on contributing control gaps and advise on plausible technical security control solutions
• Participate in the design and deployment of security controls and alignment of controls with business requirements
• Provide security policy and procedure guidance on review requests
• Provide approval/confirmation that activities, products, or deployments are aligned with Information Security policies and procedures
• Analyze risk and propose mitigating controls
• Review peer queries for final disposition
• Escalate to management where exception to policy is requested/required
• Enabling business without compromise on security posture of the organization

Review peer and subordinate consulting engagements prior to ECS approval

• Ensure consistency and accuracy across the team
• Ensure gaps/findings/risks are identified and adjudicate risk
• Validate compensation controls are called out and understood by requestors
• Understand and advocate strategy and vision for the team
• Work across team disciplines building knowledge and improving each discipline

Participate in consulting process efficiency and improvement through

• Engineering and implementing automation
• Identify and suggesting technologies, products, and process for peer teams
• Work with the technology owners to identify patterns that can be approved without ECS review

Represent Enterprise Cyber Security (ECS) in various councils, forums and Guilds

Knowlege

Required:

• 3-5 years of cloud security experience
• INFOSEC Certified Cloud Security Professional (CCSP)
• Experience working in a ticketing system environment
• Experience working in at least one of the three platforms Azure, AWS, GCP
• Bachelor’s degree or equivalent industry experience.
• Technology Cloud security practitioner or equivalent

Desirable

• Understanding of SOX 404, PCI, FFEIC, GLBA, OFAC, the Patriot Act, and other regulatory requirements for the financial services sector.
• Good understanding of information security and risk management frameworks such as OWASP and ISO27001.
• Google Professional Cloud Security Engineer
• Microsoft Certified: Azure Security Engineer Associate
• AWS Certified Security – Specialty
• Candidates should have a two to three years experience with building secure applications and background with expertise in or exposure to the following areas: NodeJS, Java Script, enterprise application security architecture (such as IAM, databases, or other security infrastructure) and other web development environments.

Skills

• In-depth understanding of the following cybersecurity areas with expertise in two or more areas along with very detailed cloud security knowledge and experience. Ability to provide consultation on technical design, deployment, and operations in the area

• o Security Architecture
• o Application Security
• o Network security
• o Data Security
• o Cryptography

• In-depth understanding of security standards, controls, and best practices

• Knowledge of software development, network engineering, cloud engineering

• Familiarity on working in a ticketing system to handle daily task, documenting the findings / decisions, generate reports / dashboards would be preferred

• Suggest and implement new ideas to optimize and continuous focus on improving quality and processes

Behavioural

• Self-Awareness - Insightful, reflective, understands personal strengths and weaknesses, seeks feedback.
• Learns from experience; cool and resilient through change; treat others constructively and always with respect
• Mental Agility - Think through problems from a fresh point of view, comfortable with ambiguity & complexity
• Sees through customer eyes and brings in ideas to improve our products and services
• Technical research of solutions capabilities and verification of technical options, problem solver
• Get results under tough conditions; inspire others to go beyond the norm; exhibit presence that builds confidence
• Experience building and maintaining constructive working relationships with a diverse community (in and outside of technology); ability to effectively communicate (both written and verbal) with and influence both technical and non-technical audiences.
• Demonstrated experience earning the trust and respect of colleagues both in and outside of the Information Security team.
• Unquestionable integrity.

Our Benefits:

At PayPal, we’re committed to building an equitable and inclusive global economy. And we can’t do this without our most important asset—you. That’s why we offer benefits to help you thrive in every stage of life. We champion your financial, physical, and mental health by offering valuable benefits and resources to help you care for the whole you.

We have great benefits including a flexible work environment, employee shares options, health and life insurance and more. To learn more about our benefits please visit https://www.paypalbenefits.com

Who We Are:

Click Here to learn more about our culture and community.

PayPal has remained at the forefront of the digital payment revolution for more than 20 years. By leveraging technology to make financial services and commerce more convenient, affordable, and secure, the PayPal platform is empowering more than 400 million consumers and merchants in more than 200 markets to join and thrive in the global economy. For more information, visit paypal.com.

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at [email protected].

As part of PayPal’s commitment to employees’ health and safety, we have established in-office Covid-19 protocols and requirements, based on expert guidance. Depending on location, this might include a Covid-19 vaccination requirement for any employee whose role requires them to work onsite. Employees may request reasonable accommodation based on a medical condition or religious belief that prevents them from being vaccinated.

R0089556