Product Security Engineer Senior

Are you ready to write your next chapter?

Make your mark at one of the biggest names in payments. With proven technology, we process the largest volume of payments in the world, driving the global economy every day. When you join Worldpay, you join a global community of experts and changemakers, working to reinvent an industry by constantly evolving how we work and making the way millions of people pay easier, every day. What makes a Worldpayer? It’s simple: Think, Act, Win. We stay curious, always asking the right questions to be better every day, finding creative solutions to simplify the complex. We’re dynamic, every Worldpayer is empowered to make the right decisions for their customers. And we’re determined, always staying open – winning and failing as one. We’re looking for a Product Security Engineer Senior to join our ever evolving Cyber team to help us unleash the potential of every business. Are you ready to make your mark? Then you sound like a Worldpayer.

About the team:

The product security team at Worldpay is seeking a dynamic and motivated individual to join our new and growing team. The product team will be instrumental at defining the vision to help secure Worldpay going forward. You will work closely with development teams to enable them to build secure products and provide them with adequate security context to make the right decisions for Worldpay.

What you'll own: 

• Responding to security requests from our engineering communities
• Explain detected vulnerabilities in software and recommend remediation options
• Administer the security tooling
• Perform DAST testing against software applications
• Scale product security via automations and self-service providing actionable visibility for engineers
• Align solutions with PCI, SOC, GDPR, CCPA, and cloud security best practices.

What you'll bring: 

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 7+ years of experience in cybersecurity, with a focus on product security.

• Experience in software engineering and evaluating code (C#, Java, .NET, C++, etc.) for security risks and making informed decisions on non-exploitable or false-positive findings.
• Expertise in recommending mitigations and remediations for identified vulnerabilities
• and assist engineers with secure design, code reviews, and threat modeling.
• Expertise in authentication and authorization protocols, application security, and securing APIs.
• Experience working with CI/CD teams to implement new security technologies in the pipeline. Including SAST, DAST, and SCA tools.
• Ability to drive change by leading discussions, writing decision records, and persuading key stakeholders.
• Experience partnering with cross-functional teams to deliver impactful security initiative.

Bonus if you have:

• Experience with BlackDuck and/or Checkmarx.
• Payment industry and PCI DSS experience.
• Expertise in both offensive and defensive tactics.
• Contributed to the open-source community.

Position Overview: We are seeking a highly skilled and experienced Product Security Engineer Senior to join our team. This role involves responding to security tickets from our engineering communities and addressing vulnerabilities identified by our code scanners (Checkmarx, BlackDuck). The ideal candidate will have a strong background in evaluating code (C#, Java, .NET, C++, etc.) for security risks and making informed decisions on non-exploitable or false-positive findings. Additionally, the candidate will recommend mitigations and remediations for identified vulnerabilities and assist engineers with secure design, code reviews, and threat modeling.

Key Responsibilities:

• Respond to security tickets from ServiceNow and address vulnerabilities found by code scanners.
• Evaluate code in various languages (C#, Java, .NET, C++, etc.) to identify security risks.
• Make decisions on non-exploitable or false-positive findings.
• Recommend mitigations and remediations for identified vulnerabilities.
• Assist engineers with secure design, code reviews, and threat modeling.
• Optimize the use of vulnerability scanners, especially Checkmarx and BlackDuck.
• Collaborate with engineering teams to integrate security into the CI/CD pipeline.
• Provide expertise in SaaS, Cloud, and Payment applications.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 7+ years of experience in cybersecurity, with a focus on product security.
• Proficiency in code analysis and security assessment tools (Checkmarx, BlackDuck).
• Strong understanding of programming languages (C#, Java, .NET, C++, etc.).
• Experience with secure design principles, code reviews, and threat modeling.
• Knowledge of SaaS, Cloud, and Payment applications.
• Familiarity with CI/CD integrations and DevSecOps practices.
• Excellent problem-solving and communication skills.

Where you’ll own it

You’ll own it in our modern Bangalore hub. With hubs in the heart of city centers and tech capitals, things move fast in APAC. We pride ourselves on being an agile and dynamic collective, collaborating with different teams and offices across the globe.

Worldpay perks - what we’ll bring for you

We know it’s bigger than just your career. It’s your life, and your world. That’s why we offer global benefits and programs to support you at every stage. Here’s a taste of what you can expect.

• A competitive salary and benefits.
• Time to support charities and give back to your community.
• Parental leave policy.
• Global recognition platform.
• Virgin Pulse access.
• Global employee assistance program.

What makes a Worldpayer

At Worldpay, we take our Values seriously, and we live them every day. Think like a customer, Act like an owner, and Win as a team.

• Curious. Humble. Creative. We ask the right questions, listening and learning to get better every day. We simplify the complex and we’re always looking to create a bigger impact for our colleagues and customers.
• Empowered. Accountable. Dynamic. We stay agile, using our initiative, taking calculated risks to progress. Never standing still, never settling, we work at pace to achieve our goals. We champion our ideas and stay flexible to make them happen. We know that every action adds up.
• Determined. Inclusive. Open. Unlocking potential means working as one global community. Our work spans borders, and we stay united by our purpose. We collaborate, always encouraging others to perform at their best, welcoming new perspectives.

Does this sound like you? Then you sound like a Worldpayer.

Apply now to write the next chapter in your career. We can’t wait to hear from you.

To find out more about working with us, find us on LinkedIn.

Privacy Statement

Worldpay is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how Worldpay protects personal information online, please see the Online Privacy Notice.

Sourcing Model

Recruitment at Worldpay works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. Worldpay does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.

#pridepass