PayPay
Product Security - Infrastructure Security Engineer
Job Summary
This role involves leading infrastructure security improvements for PayPay's product division, focusing on security analysis, implementing security measures, and managing security solutions such as SIEM and vulnerability management. The candidate should have experience with modern infrastructure tools like Kubernetes, cloud platforms, and security automation, along with programming skills. Collaboration with infrastructure teams and supporting security projects are core responsibilities. The role offers a hybrid work environment with comprehensive benefits, emphasizing security expertise within a dynamic FinTech setting.
Required Skills
Benefits
Job Description
About PayPay
PayPay is a FinTech company that has grown to over 69M (as of May 2025) users since its launch in 2018. Our team is hugely diverse with members from over 50 different countries.
OUR VISION IS UNLIMITED_
We dare to believe that we do not need a clear vision to create a future beyond our imagination. PayPay will always stay true to our roots and realize a vision (future) that no one else can imagine by constantly taking risks and challenging ourselves. With this mindset, you will be presented with new and exciting opportunities on a daily basis and have the opportunity to grow and reach new dimensions that you could never have imagined. We are looking for people who can embrace this challenge, refresh the product at breakneck speed and promote PayPay with professionalism and passion.
※ Please note that you cannot apply or be selected in parallel with PayPay Corporation, PayPay Card Corporation and PayPay Securities Corporation.
Job Description
The PayPay Product Security team is looking for experienced infrastructure security engineers to lead improvements to our infrastructure and operational security, and introduce key security solutions, such as SOAR.
PayPay Product Security team is responsible for driving the application security and infrastructure security changes within the product division - the part of PayPay responsible for development and operations of the PayPay app. A strong candidate for the infrastructure security engineer position will be knowledgeable about modern infrastructure solutions (such as Kubernetes, various public clouds and their services, SQL and no-SQL databases, ElasticSearch, message brokers and so on), security challenges and threats relevant to them, and have experience in one of the following areas:
- Leading projects to improve infrastructure security at scale (e.g. introducing role-based access control, hardening K8s configurations, introducing temporary access credentials for database access, and so on)
- Introducing and improving security orchestration and automation, as well as solution to gather, store and analyze security events and assets
Primary Responsibilities
- Analyzing security risks relevant to the production infrastructure
- Designing security measures for the product infrastructure environment
- Implementing and running security solutions (SIEM, vulnerability management, network security, cloud security, container security, etc.)
- Improve security incident handling within product division.
- Improving observability and monitoring for security information and events.
- Assisting infrastructure teams in prioritizing security goals
Supporting Responsibilities
- Assisting infrastructure teams in implementing and running secure solutions
- Participating in major infrastructure projects as a security expert
Qualifications
- 2+ years of infrastructure security or relevant experience
- Solid understanding of security principles, protocols, and best practices
- Solid programming skills in one or more programming languages, such as Python, Golang
- Experience leading projects in any kind of security solutions, such as CNAPP, PAM, IDS/IPS, SIEM, SOAR, WAF, NGFW, etc
- Hands-on experience with cloud platforms, preferably AWS
- Hands-on Terraform experience. Experience with other IAC tools is also acceptable
- Hands-on Linux experience and comfortable with Linux commands
- Hands-on experience with CI/CD pipelines and tools like Github Action, Jenkins, ArgoCD, etc
- Knowledge of containerization technologies such as Docker and Kubernetes
- Strong teamwork skills and the ability to collaborate with others in a diverse environment
- Enjoy taking up a challenge and driving it to a conclusion
Preferred Qualifications
- Previous experience working in DevOps, SRE, or similar roles
- Experience working with microservice-based systems
- Experience working in a security position within the fintech industry
- Native or business level Japanese proficiency
PayPay 5 senses
- Please refer PayPay 5 senses to learn what we value at work.
Working Conditions
Employment Status
- Full Time
Office Location
- Hybrid Workstyle (flexible working style including Remote and office)
※There are no fixed rules regarding office attendance in Product group; it depends on each individual's discretion.
Work Hours
- Super Flex Time (No Core Time)
- In principle, 9:00am-5:45pm (actual working hours: 7h45m + 1h break)
Holidays
-
Every Sat/Sun/National holidays (In Japan)/New Year's break/Company-designated Special days
Paid leave
- Annual leave (up to 14 days in the first year, granted proportionally according to the month of employment. Can be used from the date of hire)
- Personal leave (5 days each year, granted proportionally according to the month of employment)
*PayPay's own special paid leave system, which can be used to attend to illnesses, injuries, hospital visits, etc., of the employee, family members, pets, etc.
Salary
- Annual salary paid in 12 installments (monthly)
- Based on skills, experience, and abilities
- Reviewed once a year
- Special Incentive once a year *Based on company performance and individual contribution and evaluation
- Late overtime allowance
※Payroll payment can be changed to digital salary payment “PayPay Paycheck” for an amount set by you
Benefits
- Social Insurance (health insurance, employee pension, employment insurance and compensation insurance)
- 401K
- Translation/Interpretation support
- VISA sponsor + Relocation support
PayPay
PayPay is an app that lets you make easy and convenient payments with just your smartphone. Registration is complete in as little as one minute! You can use it at stores, for online services, and to pay bills.
See more jobsSafe Remote Job Search Tips
Verify Employer Thoroughly
Research the company's identity thoroughly before applying. Check for a professional website with contacts, active social media, and LinkedIn profiles. Verify details across platforms and look for reviews on Glassdoor or Trustpilot to confirm legitimacy.
Never Pay to Get a Job
Legitimate employers never require payment for applications, training, background checks, or equipment. Always reject upfront payment requests or demands for bank details, even if they claim it's for purchasing necessary work gear on your behalf.
Safeguard Your Personal Information
Protect sensitive data like SSN, bank details, or ID copies. Share this only after accepting a formal, written job offer. Ensure it's submitted via a secure company system or portal, never through insecure channels like standard email attachments.
Scrutinize Communication & Interviews
Watch for communication red flags: poor grammar, generic emails (@gmail), vague details, or undue pressure. Be highly suspicious of interviews held only via text or chat apps; legitimate companies typically use video or phone calls.
Beware of Unrealistic Offers
If an offer's salary or benefits seem unrealistically high for the work involved, be cautious. Research standard pay for similar roles. Offers that appear 'too good to be true' are often scams designed to lure you into providing information or payment.
Insist on a Formal Contract
Always secure and review a formal, written job offer or employment contract before starting work or sharing final personal details. Ensure it clearly defines your role, compensation, key terms, and conditions to avoid misunderstandings or scams.