Cloud Infrastructure Security Engineer

Job Description

PayPay is looking for a self-driven and motivated AWS SecOps (Platform Security) Engineer to help secure our payment platform. Our Platform/infrastructure is mainly based on AWS and GCP. *Please note, this position is a part of our Product Security Engineer position, but with a strong focus on AWS security management.

Main Responsibilities

• Security Architecture reviews and re-design of existing AWS and GCP infrastructure.

• Security Architecture reviews and design of new AWS and GCP infrastructure.

• Design and enforce secure infrastructure deployment and deployment flows.

• Perform Infrastructure security testing and patching to keep up with recent security implementation and best practices.

• Evaluating and Implementing new security technologies such as vulnerability testing, logging, monitoring and incident responses and maintaining them.

• Working in a fast paced environment where projects and prioritization may change frequently, security will always remain.

Tech Stack

• AWS
  • IAM, VPC, KMS, EC2, CloudTrail, SecurityHub and GuardDuty
  • RDS, EKS, Elasticsearch, Elasticache and others
• GCP
  • BigQuery, Storage & Google Analytics
• TCP Networking, SSL/TLS, Key Management Systems
• MySQL/AuroraDB, DynamoDB, ELK, Kafka, Redis, TiDB
• Terraform, Jenkins, Github Actions
• Snyk, Snort,
• PlantUML, Cloudcraft
• Slack, Zoom

Qualifications

Minimum of 3 years of demonstrated experience security over 200+ servers in a public facing, production environment doing the following:

• PayPay DevOps emphasizes automation. Demonstrated skill with the following are required:

       - Python

       - Shell Scripting

• Initial verification, design and implementation of security in AWS using the following AWS Services:

       - IAM, VPC, KMS, EC2, CloudTrail, SecurityHub and GuardDuty

       - Automated security monitoring and incident response in AWS

       - IAC tools in AWS such as Terraform, Ansible

• Securing Kubernetes and microservice architectures
• Securing common Linux based infrastructure (primarily Amazon Linux and Ubuntu based) - Securing data systems such as:

        - RDS (e.g. MySQL, Aurora)

        - NoSQL (e.g. Redis, Elasticsearch, Cassandra)

        - MQ (e.g. Kafka)

• Experience with git and CI/CD tools such as:

        - Jenkins - ArgoCD

• Motivated to work with the platform and infrastructure for modern system using micro-service architecture

Preferred Qualifications

• Bachelor's or Master's Degree in Computer Science or related field 

• Experience with other cloud service providers (e.g GCP)

• Experience managing Microsoft Windows servers

• CVE Contributions

• Open Source tools contributions

• Published papers / blogs / articles

• Relevant and verifiable certifications

• JNLP Level 3 or above

PayPay 5 senses

• Please refer PayPay 5 senses to learn what we value at work.