Product Security - Infrastructure Security Engineer

About PayPay

PayPay is a FinTech company that has grown to over 65M (as of August 2024) users since its launch in 2018. Our team is hugely diverse with members from over 50 different countries.

OUR VISION IS UNLIMITED_

We dare to believe that we do not need a clear vision to create a future beyond our imagination. PayPay will always stay true to our roots and realize a vision (future) that no one else can imagine by constantly taking risks and challenging ourselves. With this mindset, you will be presented with new and exciting opportunities on a daily basis and have the opportunity to grow and reach new dimensions that you could never have imagined. We are looking for people who can embrace this challenge, refresh the product at breakneck speed and promote PayPay with professionalism and passion.
※ Please note that you cannot apply or be selected in parallel with PayPay Corporation, PayPay Card Corporation and PayPay Securities Corporation.

Job Description

The PayPay Product Security team is looking for experienced infrastructure security engineers to lead improvements to our infrastructure and operational security, and introduce key security solutions, such as SOAR.

PayPay Product Security team is responsible for driving the application security and infrastructure security changes within the product division - the part of PayPay responsible for development and operations of the PayPay app. A strong candidate for the infrastructure security engineer position will be knowledgeable about modern infrastructure solutions (such as Kubernetes, various public clouds and their services, SQL and no-SQL databases, ElasticSearch, message brokers and so on), security challenges and threats relevant to them, and have experience in one of the following areas:

• Leading projects to improve infrastructure security at scale (e.g. introducing role-based access control, hardening K8s configurations, introducing temporary access credentials for database access, and so on)
• Introducing and improving security orchestration and automation, as well as solution to gather, store and analyze security events and assets

Primary Responsibilities

• Analyzing security risks relevant to the production infrastructure
• Designing security measures for the product infrastructure environment
• Implementing and running security solutions (SIEM, vulnerability management, network security, cloud security, container security, etc.)
• Improve security incident handling within product division.
• Improving observability and monitoring for security information and events.
• Assisting infrastructure teams in prioritizing security goals

Supporting Responsibilities

• Assisting infrastructure teams in implementing and running secure solutions
• Participating in major infrastructure projects as a security expert

Qualifications

• 2+ years of infrastructure security or relevant experience
• Solid understanding of security principles, protocols, and best practices
• Solid programming skills in one or more programming languages, such as Python, Golang
• Experience leading projects in any kind of security solutions, such as CNAPP, PAM, IDS/IPS, SIEM, SOAR, WAF, NGFW, etc
• Hands-on experience with cloud platforms, preferably AWS
• Hands-on Terraform experience. Experience with other IAC tools is also acceptable
• Hands-on Linux experience and comfortable with Linux commands
• Hands-on experience with CI/CD pipelines and tools like Github Action, Jenkins, ArgoCD, etc
• Knowledge of containerization technologies such as Docker and Kubernetes
• Strong teamwork skills and the ability to collaborate with others in a diverse environment
• Enjoy taking up a challenge and driving it to a conclusion

Preferred Qualifications

• Previous experience working in DevOps, SRE, or similar roles
• Experience working with microservice-based systems
• Experience working in a security position within the fintech industry
• Native or business level Japanese proficiency

PayPay 5 senses

• Please refer PayPay 5 senses to learn what we value at work.

Working Conditions 

Employment Status

• Full Time

Office Location

• WFA(Work From Anywhere at Anytime)  
• Remote Job 
• You can live anywhere in Japan 

Work Hours

• Super Flex Time (No Core Time)
• In principle, 10:00am-6:45pm (actual working hours: 7h45m + 1h break)

Holidays

• Every Sat/Sun/National holidays (In Japan)/New Year's break/Company-designated Special days

Paid leave

• Annual leave (up to 14 days in the first year, granted proportionally according to the month of employment. Can be used from the date of hire)
• Personal leave (5 days each year, granted proportionally according to the month of employment）
  ＊PayPay's own special paid leave system, which can be used to attend to illnesses, injuries, hospital visits, etc., of the employee, family members, pets, etc.

Salary

• Annual salary paid in 12 installments (monthly)
• Based on skills, experience, and abilities
• Reviewed once a year
• Special Incentive once a year *Based on company performance and individual contribution and evaluation
• Late overtime allowance, Work from anywhere allowance (JPY100,000)
  
  ※Payroll payment can be changed to digital salary payment “PayPay Paycheck” for an amount set by you

Benefits

• Social Insurance (health insurance, employee pension, employment insurance and compensation insurance)
• 401K
• Translation/Interpretation support
• VISA sponsor + Relocation support

Other Information:

• PayPay Inside-Out (Corporate Blog) /JP
• PayPay Inside-out (Corporate Blog) /ENG
• PayPay Product Blog /JP
• PayPay Product Blog /ENG