Staff Product Security Engineer

Join to apply for the Staff Product Security Engineer role at PayPal. 3 days ago Be among the first 25 applicants. As a Staff Product Security Engineer at PayPal, you’ll drive secure design practices that safeguard 434M accounts and $1.6T in annual payment volume. You’ll lead the Security Design Reviews Program and Security Champions Program, partner with engineering and product leaders to scale consistent security processes, and serve as the escalation point for complex design assessments. Through technical leadership and mentorship, you’ll influence product architecture decisions across PayPal’s global ecosystem. Job Description Summary As a Staff Product Security Engineer at PayPal, you’ll drive secure design practices that safeguard 434M accounts and $1.6T in annual payment volume. You’ll lead the Security Design Reviews Program and Security Champions Program, partner with engineering and product leaders to scale consistent security processes, and serve as the escalation point for complex design assessments. Essential Responsibilities Recognized as a security expert, independently resolving the most complex security challenges and providing strategic direction on problem resolution across the security domain. Define methods and procedures for new or special assignments, collaborating with cross‑functional teams to drive security initiatives that align with business needs and objectives. Lead complex, high‑impact security projects of diverse scope, applying an in‑depth understanding of business trends and security challenges to develop innovative solutions. Possess a keen awareness of the broader impact of decisions, with initiatives often leading to enterprise‑wide improvements that enhance security practices and operational efficiency. Expected Qualifications 8+ years relevant experience and a Bachelor’s degree OR Any equivalent combination of education and experience. Additional Responsibilities and Preferred Qualifications Lead and evolve PayPal’s Security Design Reviews and Security Champions programs, defining processes, tooling, and automation to enable scalable, high‑quality reviews across all business units. Serve as the primary escalation point for complex product design and architecture reviews, guiding resolution of nuanced or high‑risk issues. Define product architecture security strategy and drive the integration of security design practices into global engineering workflows. Determine methods and procedures for evaluating, prioritizing, and remediating security risks at scale. Deliver targeted training and coaching that empowers teams to build securely at scale. Partner with senior engineering and product leadership to influence technology direction, ensuring security is embedded in platform and product architecture decisions. Drive cross‑functional, global initiatives that improve security posture and engineering efficiency, focusing on systemic risk reduction and process modernization. Lead the secure design and integration of AI and large language models (LLMs) in PayPal products and internal tooling. Develop and scale self‑service security tooling, automation, and metrics for consistent program performance and visibility. Mentor and develop engineers across Product Security and the wider organization, fostering a culture of secure‑by‑design thinking. Stay ahead of emerging security technologies and threats, adapting program strategy to evolving risks and business priorities. Qualifications 8+ years of experience in software development, application security, or cybersecurity, with proven ability to influence architecture and design decisions. Expertise in application security vulnerabilities (e.g., OWASP Top 10) and secure design practices. Proven experience driving global or enterprise‑wide security initiatives or programs. Track record of partnering with developers to remediate vulnerabilities and implement robust security controls. Preferred Qualifications Experience architecting and operating security review programs or equivalent governance initiatives. Hands‑on familiarity with application security tools (SAST, DAST, SCA, WAF, Burp Suite). Strong programming experience in at least one language such as Ruby, Java, Python, JavaScript, or Swift. Knowledge of Kubernetes, Terraform, and version control systems such as Git. Hands‑on experience with at least one major cloud vendor (AWS, Azure, GCP). Strong understanding of authentication and authorization protocols (OAuth 2.0, SAML). Experience with AI or ML security, including model security and data protection considerations. Strong written and verbal communication skills, with the ability to influence both technical and executive audiences. Experience mentoring and developing engineers. What You Need To Know About The Role This role provides a unique opportunity to define and lead one of the most critical pillars of PayPal’s product security strategy. You’ll have broad scope to shape the company’s approach to secure design, mentor technical leaders, and influence decisions that affect the security of PayPal’s global ecosystem. Meet our team Our mission is to embed security into every phase of the product development lifecycle, recognizing that security promotes quality engineering. Your way to impact Your work will directly influence the security architecture of products that serve hundreds of millions of customers worldwide. Your day-to-day Responsibilities can be tailored based…  (bulleted list continues). Setting strategic direction for the Security Design Reviews Program and ensuring consistent adoption across global product lines. Partnering with business unit leaders to scale the Security Champions Program, aligning outcomes with engineering productivity and security maturity goals. Reviewing and advising on high‑impact architecture and product designs, providing deep technical expertise in secure systems engineering. Identifying systemic security gaps and driving multi‑quarter initiatives to address root causes across teams and platforms. Overseeing development of automation and tooling that improves efficiency and quality of security assessments. Collaborating with senior leadership to define long‑term product security strategy and metrics for success. Mentoring and coaching engineers to expand their technical and leadership capabilities. Representing Product Security in company‑wide technical discussions, architectural councils, and global security initiatives. Leading post‑incident architectural reviews and influencing design patterns that prevent recurrence. Anticipating emerging risks and evolving program focus to proactively address new threat vectors. We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don’t hesitate to apply. PayPal is committed to fair and equitable compensation practices. PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state, or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at paypalglobaltalentacquisition@paypal.com. #J-18808-Ljbffr