Application Security Engineer jobs at Paypal in France, Toulouse

As a Staff Product Security Engineer at PayPal, you’ll help secure 434M accounts and $1.6T in annual payment volume across PayPal and its business lines. You will embed security into the software development lifecycle (SDLC) by shaping architecture decisions, influencing roadmaps, and scaling impact through automation, tooling, and mentorship. You will also perform in-depth design, architecture, and code reviews, working directly with developers and product teams to ensure products are secure by design.

Essential Responsibilities:

• Leverage specialized security expertise to identify and resolve complex security issues, recommending best practices and determining new approaches that have an impact on broader security operations, while aligning security strategies with business priorities
• Partner across teams and key stakeholders to drive security initiatives, leading and solutioning complex projects and programs to strengthen overall security posture.
• Apply advanced analytical skills and sound judgment to solve security challenges, considering diverse perspectives and innovative solutions. Stay current with industry trends and emerging technologies, understanding their security implications to the company’s context.
• Directly contribute to improvements within the security domain and occasionally beyond, ensuring decisions lead to meaningful enhancements in security practices.
• Leverage relationships across teams, both within and outside of security, to influence initiatives and integrate feedback into security processes.

Expected Qualifications:

• 5+ years relevant experience and a Bachelor’s degree OR Any equivalent combination of education and experience.

• Lead and conduct security design, architecture, and code reviews, working directly with developers and product teams to ensure security is embedded throughout the SDLC.
• Influence product architecture and roadmap decisions to ensure security is treated as a core design element.
• Drive adoption of security standards and best practices across multiple product lines by mentoring engineers and providing scalable guidance.
• Guide the secure design and integration of AI and large language models (LLMs) in PayPal products and internal security tooling.
• Identify systemic sources of security debt and drive initiatives to remediate and prevent recurrence.
• Provide technical leadership in cross-functional initiatives, shaping architecture, tooling, and processes to raise the overall security bar across PayPal’s ecosystem.
• Scale security impact by developing automation and self-service tooling that enables teams to efficiently address security needs.
• Deliver targeted training and coaching that empowers teams to build securely at scale.
• Stay ahead of emerging threats and technologies, integrating learnings into threat models and product designs.
• Champion a culture of security by empowering teams to own and improve the security of their code and environments.

Minimum Qualifications:

• Expertise in application security vulnerabilities (e.g., OWASP Top 10) and secure coding practices.
• Track record of partnering with developers to remediate vulnerabilities and implement robust security controls.
• Strong written and verbal communication skills, with the ability to influence both technical and executive audiences.
• Experience mentoring and developing engineers.

Preferred Qualifications:

• Experience with application security tools (SAST, DAST, SCA, WAF, Burp Suite).
• Strong programming experience in at least one language such as Ruby, Java, Python, JavaScript, or Swift.
• Knowledge of Kubernetes, Terraform, and version control systems such as Git.
• Hands-on experience with at least one major cloud vendor (AWS, Azure, GCP).
• Strong understanding of authentication and authorization protocols (OAuth 2.0, SAML).

What you need to know about the role

If you bring innovative approaches to solving complex security challenges and want to shape the future of product security at global scale, this role is for you.

Responsibilities will be tailored based on business need, experience, and interest. In your day-to-day role, here are some activities you may be involved in:

• Conduct security design and code reviews, facilitate penetration testing, and contribute to threat models.
• Partner with engineers on secure coding, vulnerability remediation, and defensive design patterns.
• Develop and support in-house tooling (including AI-driven solutions) to scale product security reviews and governance.
• Implement, manage, and operate application security tools (SAST, DAST, SCA, etc.).
• Respond to product security incidents, driving root cause analysis and mitigation.
• Collaborate with developers and platform engineers to identify vulnerabilities and apply mitigating controls.

Travel Percent:

The total compensation for this practice may include an annual performance bonus (or other incentive compensation, as applicable), equity, and medical, dental, vision, and other benefits. For more information, visit .

The US national annual pay range for this role is $152,500 to $262,350

Belonging at PayPal:

Any general requests for consideration of your skills, please

Braintree SDK Engineering seeks to reinvent online payments and unlock merchants to offer multiple payment methods. We enable merchants worldwide to accept payments in mobile apps, prioritizing developer experience. We need talented, self-driven engineers to develop new payment methods for Braintree’s iOS Mobile SDK. You'll design next-gen developer experience, build SDK features, contribute to our open-source codebase, and engage with external developers. Seeking someone eager to learn multiple technologies with strong developer empathy.

Essential Responsibilities:

• Delivers complete solutions spanning all phases of the Software Development Lifecycle (SDLC) (design, implementation, testing, delivery and operations), based on definitions from more senior roles.
• Advises immediate management on project-level issues
• Guides junior engineers
• Operates with little day-to-day supervision, making technical decisions based on knowledge of internal conventions and industry best practices
• Applies knowledge of technical best practices in making decisions

Expected Qualifications:

• 3+ years relevant experience and a Bachelor’s degree OR Any equivalent combination of education and experience.

Travel Percent:

The total compensation for this practice may include an annual performance bonus (or other incentive compensation, as applicable), equity, and medical, dental, vision, and other benefits. For more information, visit .

The US national annual pay range for this role is $123,500 to $212,850

Our Benefits:

Any general requests for consideration of your skills, please

Essential Responsibilities:

• Develop and optimize machine learning models for various applications.
• Preprocess and analyze large datasets to extract meaningful insights.
• Deploy ML solutions into production environments using appropriate tools and frameworks.
• Collaborate with cross-functional teams to integrate ML models into products and services.
• Monitor and evaluate the performance of deployed models.

Expected Qualifications:

• 3+ years relevant experience and a Bachelor’s degree OR Any equivalent combination of education and experience.
• Experience with ML frameworks like TensorFlow, PyTorch, or scikit-learn.
• Familiarity with cloud platforms (AWS, Azure, GCP) and tools for data processing and model deployment.
• Several years of experience in designing, implementing, and deploying machine learning models.

• Advanced degree (Master's or Ph.D.) in a quantitative discipline such as Statistics, Mathematics, Computer Science, Engineering, or a related field.
• Strong knowledge of statistical and machine learning techniques, including but not limited to logistic regression, time-series modeling, random forests, support vector machines, gradient boosting (e.g., XGBoost), and deep learning architectures (e.g., CNNs, RNNs).
• Proficiency in programming and big-data technologies, with hands-on experience in tools such as Python (Scikit-learn, TensorFlow), SQL, Hadoop, and Spark.
• Relevant modeling experience in one or more of the following domains: credit risk scoring, fraud detection, financial forecasting, or marketing analytics - gained through industry or academic research.
• Strong collaboration and communication skills, with the ability to work effectively both independently and as part of a cross-functional team.
• Ability to articulate complex technical concepts clearly to non-technical stakeholders and build constructive working relationships across functions.

Preferred Qualifications

• Experience with Large Language Models (LLMs), Agentic AI, or related generative AI applications.
• Familiarity with model governance, model risk management, or AI regulatory compliance frameworks (e.g., SR 11-7, OCC 2011-12, EU AI Act) is a plus.

Travel Percent:

The total compensation for this practice may include an annual performance bonus (or other incentive compensation, as applicable), equity, and medical, dental, vision, and other benefits. For more information, visit .

The US national annual pay range for this role is $137,500 to $236,500

Belonging at PayPal:

Any general requests for consideration of your skills, please

This job delivers complete solutions spanning all phases of the Software Development Lifecycle (SDLC). It involves advising management on project-level issues, guiding junior engineers, operating with little supervision, and applying knowledge of technical best practices.

Essential Responsibilities:

• Delivers complete solutions spanning all phases of the Software Development Lifecycle (SDLC) (design, implementation, testing, delivery and operations), based on definitions from more senior roles.
• Advises immediate management on project-level issues
• Guides junior engineers
• Operates with little day-to-day supervision, making technical decisions based on knowledge of internal conventions and industry best practices
• Applies knowledge of technical best practices in making decisions

Expected Qualifications:

• Minimum of 5 years of relevant work experience and a Bachelor's degree or equivalent experience.

As a
Software Engineer, Backend Java, you will architect and lead the development of complex backend systems, drive innovation, and mentor the team.

• Architect and design large-scale backend systems.
• Lead and mentor engineering teams.
• Drive technical excellence and best practices
• Strong analytical skills including the ability to define problems, collect data, establish facts, and draw valid conclusions.

What do you need to bring:

• Bachelor's degree in Computer Science or related field.
• 5+ years of backend development experience.
• Proficiency in at least one backend language (Java, Python, Ruby on Rails)
• Expertise in architecting and developing large-scale backend systems using Java EE with extensive experience in Spring MVC or Hibernate.
• Proven track record of designing, building, and maintaining complex RESTful APIs and microservices.
• Leadership in guiding engineering teams through complex technical challenges and design decisions.
• In-depth knowledge of distributed systems, cloud-native applications, and containerization technologies like Docker and Kubernetes.
• Experience with large-scale data processing, caching strategies, and performance optimization.
• Strong experience with distributed systems and microservices.
• Proven ability to lead and mentor teams.

Preferred Qualifications:

• Experience with Agile methodology , large-scale, high-performance systems.
• Knowledge of the payment processing industry and relevant regulations.
• Experience with cloud platforms (AWS, GCP, Azure).
• Contributions to open-source projects

The total compensation for this position may include an annual performance bonus (or other incentive compensation, as applicable), equity, and medical, dental, vision, and other benefits. For more information, visit

The U.S. national annual pay range for this role is $to $

Any general requests for consideration of your skills, please

Essential Responsibilities:

• Independently apply security best practices to enhance and optimize systems, ensuring robust protection and efficiency, while beginning to understand and align security solutions with business objectives.
• Partner with peers and internal teams to drive security initiatives, contribute to cross-functional projects, and at times co-lead efforts to strengthen security posture.
• Analyze and resolve security challenges by adapting standard processes and exploring alternative approaches to address complex threats.
• Influence the quality, efficiency, and effectiveness of the team through informed decision-making, with a potential impact on other teams.
• Collaborate with other engineers to gather and incorporate feedback, driving continuous improvements in security processes.

Expected Qualifications:

• 3+ years relevant experience and a Bachelor’s degree OR Any equivalent combination of education and experience.

• Leverage specialized security expertise to identify and resolve complex security issues, recommending best practices and determining new approaches that have an impact on broader security operations, while aligning security strategies with business priorities
• Partner across teams and key stakeholders to drive security initiatives, leading and solutioning complex projects and programs to strengthen overall security posture.
• Apply advanced analytical skills and sound judgment to solve security challenges, considering diverse perspectives and innovative solutions. Stay current with industry trends and emerging technologies, understanding their security implications to the company’s context.
• Directly contribute to improvements within the security domain and occasionally beyond, ensuring decisions lead to meaningful enhancements in security practices.
• Leverage relationships across teams, both within and outside of security, to influence initiatives and integrate feedback into security processes.

• You will be responsible for engineering security solutions into developer CI/CD workflows to identify vulnerabilities in PayPal’s code ensuring that they can be remediated before causing damage
• You will ensure that vulnerabilities are identified natively and efficiently within existing developer workflows, enabling faster, simpler remediation work
• You will apply your engineering skills to ensure that security solutions are of high quality, robustly tested, and performant
• This role is best served with prior experience in cyber security engineering with capability to dive deep into various technologies, have a thirst for being on the cutting edge, and have a passion for security

• Define and improve application security in the SDLC, ensuring security is prioritized from inception to deployment.
• Develop and measure KPIs to report on the program’s progress toward key objectives and goals
• Implement and Test Next Gen AppSec products as part of SDLC.
• Gain expertise and deep understanding of PayPal’s development cycles, platforms and technology.
• Collaborate with Security Architects, Product Manager, Program Manager and other teams to deliver high quality products.
• Apply your technical expertise to guide the team in making intelligent and pragmatic design decisions.
• Help identify and develop ways to improve our team's efficiency by expanding on our existing tools and processes.
• Mentor junior engineers and interns as they develop their skills.

• At least 3 years of experience in application security or software development and a Bachelor's degree OR any equivalent combination of education and experience
• Programming experience in at least one language such as Java, Python, JavaScript, Ruby, Go
• A strong familiarity with application security scanners such as SAST, SCA, DAST
• Expert knowledge of Git, common CI/CD pipelines, and other standard developer tools
• Knowledge of OWASP top 10 and a deep understanding of web application and mobile app vulnerabilities.
• Experience with data structures, software design, RESTful APIs, containers, SQL & NoSQL – an advantage
• Working knowledge of major cloud platforms such as Google Cloud, AWS, Azure – an advantage.
• Industry certifications (e.g.,CISSP, CISM, CCSP, or equivalent) – an advantage.
• Familiarity with iOS, Android and browser SDK development – an advantage.

Travel Percent:

The total compensation for this practice may include an annual performance bonus (or other incentive compensation, as applicable), equity, and medical, dental, vision, and other benefits. For more information, visit .

The US national annual pay range for this role is $123,500 to $212,850

Our Benefits:

Any general requests for consideration of your skills, please

As a Staff Product Security Engineer at PayPal, you’ll drive secure design practices that safeguard 434M accounts and $1.6T in annual payment volume. You’ll lead the Security Design Reviews Program and Security Champions Program, partner with engineering and product leaders to scale consistent security processes, and serve as the escalation point for complex design assessments. Through technical leadership and mentorship, you’ll influence product architecture decisions across PayPal’s global ecosystem.

Essential Responsibilities:

• Recognized as a security expert, independently resolving the most complex security challenges and providing strategic direction on problem resolution across the security domain.
• Define methods and procedures for new or special assignments, collaborating with cross-functional teams to drive security initiatives that align with business needs and objectives.
• Lead complex, high-impact security projects of diverse scope, applying an in-depth understanding of business trends and security challenges to develop innovative solutions.
• Possess a keen awareness of the broader impact of decisions, with initiatives often leading to enterprise-wide improvements that enhance security practices and operational efficiency.

Expected Qualifications:

• 8+ years relevant experience and a Bachelor’s degree OR Any equivalent combination of education and experience.

Responsibilities

• Lead and evolve PayPal’s Security Design Reviews and Security Champions programs, defining processes, tooling, and automation to enable scalable, high-quality reviews across all business units.
• Serve as the primary escalation point for complex product design and architecture reviews, guiding resolution of nuanced or high-risk issues.
• Define product architecture security strategy and drive the integration of security design practices into global engineering workflows.
• Determine methods and procedures for evaluating, prioritizing, and remediating security risks at scale.

• Deliver targeted training and coaching that empowers teams to build securely at scale.

• Partner with senior engineering and product leadership to influence technology direction, ensuring security is embedded in platform and product architecture decisions.
• Drive cross-functional, global initiatives that improve security posture and engineering efficiency, focusing on systemic risk reduction and process modernization.
• Lead the secure design and integration of AI and large language models (LLMs) in PayPal products and internal tooling.
• Develop and scale self-service security tooling, automation, and metrics for consistent program performance and visibility.
• Mentor and develop engineers across Product Security and the wider organization, fostering a culture of secure-by-design thinking.
• Stay ahead of emerging security technologies and threats, adapting program strategy to evolving risks and business priorities.

Qualifications

• 8+ years of experience in software development, application security, or cybersecurity, with proven ability to influence architecture and design decisions.
• Expertise in application security vulnerabilities (e.g., OWASP Top 10) and secure design practices.
• Proven experience driving global or enterprise-wide security initiatives or programs.
• Track record of partnering with developers to remediate vulnerabilities and implement robust security controls.

Preferred Qualifications

• Experience architecting and operating security review programs or equivalent governance initiatives.
• Hands-on familiarity with application security tools (SAST, DAST, SCA, WAF, Burp Suite).
• Strong programming experience in at least one language such as Ruby, Java, Python, JavaScript, or Swift.
• Knowledge of Kubernetes, Terraform, and version control systems such as Git.
• Hands-on experience with at least one major cloud vendor (AWS, Azure, GCP).
• Strong understanding of authentication and authorization protocols (OAuth 2.0, SAML).
• Experience with AI or ML security, including model security and data protection considerations.

• Strong written and verbal communication skills, with the ability to influence both technical and executive audiences.
• Experience mentoring and developing engineers.

Responsibilities can be tailored based on business need, experience, and interest. In your day-to-day role, here are some activities you may be involved in:

• Setting strategic direction for the Security Design Reviews Program and ensuring consistent adoption across global product lines.
• Partnering with business unit leaders to scale the Security Champions Program, aligning outcomes with engineering productivity and security maturity goals.
• Reviewing and advising on high-impact architecture and product designs, providing deep technical expertise in secure systems engineering.
• Identifying systemic security gaps and driving multi-quarter initiatives to address root causes across teams and platforms.
• Overseeing development of automation and tooling that improves efficiency and quality of security assessments.
• Collaborating with senior leadership to define long-term product security strategy and metrics for success.
• Mentoring and coaching engineers to expand their technical and leadership capabilities.
• Representing Product Security in company-wide technical discussions, architectural councils, and global security initiatives.
• Leading post-incident architectural reviews and influencing design patterns that prevent recurrence.
• Anticipating emerging risks and evolving program focus to proactively address new threat vectors.

Travel Percent:

The total compensation for this practice may include an annual performance bonus (or other incentive compensation, as applicable), equity, and medical, dental, vision, and other benefits. For more information, visit .

The US national annual pay range for this role is $152,500 to $262,350

Any general requests for consideration of your skills, please

This job implements tasks within the Software Development Lifecycle (SDLC), follows internal conventions and procedures, makes technical decisions, collaborates with peers and project leads, and contributes to code and design reviews.

Essential Responsibilities:

• Implements tasks within the Software Development Lifecycle (SDLC), receiving structure and oversight from more experienced staff
• Follows well-established internal conventions and standard procedures
• Understands internal standards & processes an applies them to make technical decisions
• Collaborates with peers, manager, and project lead to gain understanding of tasks and review solutions
• May contribute to code & design reviews

Expected Qualifications:

• Minimum of 2 years of relevant work experience and a Bachelor's degree or equivalent experience.

Your day-to-day

As aSoftware Engineer, Backend Javayou'll contribute to building robust backend systems. You'll collaborate closely with experienced engineers to learn and grow your skills.

• Develop and maintain backend components.
• Write clean, efficient code adhering to coding standards.
• Participate in code reviews and provide feedback.

What do you need to Bring

• Bachelor's degree in Computer Science or related field.
• 2+ years of backend development experience. Strong foundation in programming concepts and data structures.
• Proficiency in at least one backend language (Java, Python, Ruby on Rails)
• Proficiency in back-end development utilizing Java EE technologies (Java, application servers, servlet containers, JMS, JPA, Spring MVC, Hibernate)
• Strong understanding of web services and Service-Oriented Architecture (SOA) standards, including REST, OAuth, and JSON, with experience in Java environments.
• Experience with ORM (Object-Relational Mapper) tools, working within Java-based solutions like Hibernate.
• Experience with databases (SQL, NoSQL)

Preferred Qualifications

• Experience with large-scale, high-performance systems.
• Knowledge of the payment processing industry and relevant regulations.
• Experience with cloud platforms (AWS, GCP, Azure).
• Contributions to open-source projects.

The total compensation for this position may include an annual performance bonus (or other incentive compensation, as applicable), equity, and medical, dental, vision, and other benefits. For more information, visit

The U.S. national annual pay range for this role is $to $

Our Benefits:

Any general requests for consideration of your skills, please