PayPal Staff Product Security Engineer 

France, Occitania, Toulouse 

954014846

As a Staff Product Security Engineer at PayPal, you’ll drive secure design practices that safeguard 434M accounts and $1.6T in annual payment volume. You’ll lead the Security Design Reviews Program and Security Champions Program, partner with engineering and product leaders to scale consistent security processes, and serve as the escalation point for complex design assessments. Through technical leadership and mentorship, you’ll influence product architecture decisions across PayPal’s global ecosystem.

Essential Responsibilities:

• Recognized as a security expert, independently resolving the most complex security challenges and providing strategic direction on problem resolution across the security domain.
• Define methods and procedures for new or special assignments, collaborating with cross-functional teams to drive security initiatives that align with business needs and objectives.
• Lead complex, high-impact security projects of diverse scope, applying an in-depth understanding of business trends and security challenges to develop innovative solutions.
• Possess a keen awareness of the broader impact of decisions, with initiatives often leading to enterprise-wide improvements that enhance security practices and operational efficiency.

Expected Qualifications:

• 8+ years relevant experience and a Bachelor’s degree OR Any equivalent combination of education and experience.

Responsibilities

• Lead and evolve PayPal’s Security Design Reviews and Security Champions programs, defining processes, tooling, and automation to enable scalable, high-quality reviews across all business units.
• Serve as the primary escalation point for complex product design and architecture reviews, guiding resolution of nuanced or high-risk issues.
• Define product architecture security strategy and drive the integration of security design practices into global engineering workflows.
• Determine methods and procedures for evaluating, prioritizing, and remediating security risks at scale.

• Deliver targeted training and coaching that empowers teams to build securely at scale.

• Partner with senior engineering and product leadership to influence technology direction, ensuring security is embedded in platform and product architecture decisions.
• Drive cross-functional, global initiatives that improve security posture and engineering efficiency, focusing on systemic risk reduction and process modernization.
• Lead the secure design and integration of AI and large language models (LLMs) in PayPal products and internal tooling.
• Develop and scale self-service security tooling, automation, and metrics for consistent program performance and visibility.
• Mentor and develop engineers across Product Security and the wider organization, fostering a culture of secure-by-design thinking.
• Stay ahead of emerging security technologies and threats, adapting program strategy to evolving risks and business priorities.

Qualifications

• 8+ years of experience in software development, application security, or cybersecurity, with proven ability to influence architecture and design decisions.
• Expertise in application security vulnerabilities (e.g., OWASP Top 10) and secure design practices.
• Proven experience driving global or enterprise-wide security initiatives or programs.
• Track record of partnering with developers to remediate vulnerabilities and implement robust security controls.

Preferred Qualifications

• Experience architecting and operating security review programs or equivalent governance initiatives.
• Hands-on familiarity with application security tools (SAST, DAST, SCA, WAF, Burp Suite).
• Strong programming experience in at least one language such as Ruby, Java, Python, JavaScript, or Swift.
• Knowledge of Kubernetes, Terraform, and version control systems such as Git.
• Hands-on experience with at least one major cloud vendor (AWS, Azure, GCP).
• Strong understanding of authentication and authorization protocols (OAuth 2.0, SAML).
• Experience with AI or ML security, including model security and data protection considerations.

• Strong written and verbal communication skills, with the ability to influence both technical and executive audiences.
• Experience mentoring and developing engineers.

Responsibilities can be tailored based on business need, experience, and interest. In your day-to-day role, here are some activities you may be involved in:

• Setting strategic direction for the Security Design Reviews Program and ensuring consistent adoption across global product lines.
• Partnering with business unit leaders to scale the Security Champions Program, aligning outcomes with engineering productivity and security maturity goals.
• Reviewing and advising on high-impact architecture and product designs, providing deep technical expertise in secure systems engineering.
• Identifying systemic security gaps and driving multi-quarter initiatives to address root causes across teams and platforms.
• Overseeing development of automation and tooling that improves efficiency and quality of security assessments.
• Collaborating with senior leadership to define long-term product security strategy and metrics for success.
• Mentoring and coaching engineers to expand their technical and leadership capabilities.
• Representing Product Security in company-wide technical discussions, architectural councils, and global security initiatives.
• Leading post-incident architectural reviews and influencing design patterns that prevent recurrence.
• Anticipating emerging risks and evolving program focus to proactively address new threat vectors.

Travel Percent:

The total compensation for this practice may include an annual performance bonus (or other incentive compensation, as applicable), equity, and medical, dental, vision, and other benefits. For more information, visit .

The US national annual pay range for this role is $152,500 to $262,350

Any general requests for consideration of your skills, please