Application Security Architect
A universe of opportunities. Open to you.
Payoneer’s mission is to empower anyone, anywhere to participate and succeed in the global economy. If our mission connects with your values, if you revel in solving complex challenges, and if you want to continuously advance your career, come realize your potential at Payoneer!
Life at Payoneer is a global community, where you’ll work with colleagues all over the world, in a hybrid or remote work frame. As an equal opportunity employer, the only things that matter to us are your skills, your drive and your desire to have a positive impact on others.
Check out our values
We are seeking an experienced Application Security Architect to join our Cyber Team in Payoneer. As an Application Security Architect, you will be responsible for overall Application Security standards, guidelines, and requirements for different groups in Payoneer. Your expertise in secure architecture, design, and SSDLC will play a crucial role in ensuring the security of our products and the protection of our sensitive financial data. This is a strategic position that offers an opportunity to shape and drive the security initiatives of our cutting-edge fintech solutions.
What’s the job?
- Review and approve secure architecture designs for all developments for Payoneer customers, partners, integrators or in-house solutions, considering best practices, regulatory requirements and business objectives.
- Assist in creating or researching for security solutions – solving security challenges, both on-prem and in the cloud.
- Collaborate with cross-functional teams (mainly R&D and DevOps/DevSecOps) to define security requirements and design robust security controls for systems, both on-prem and in the cloud.
- Provide technical guidance and expertise to internal teams in selecting and integrating in-house solutions or third-party vendors.
- Design and implement cloud security solutions, such as network security, identity and access management, data protection and encryption.
- Stay up-to-date with the latest security technologies, threats, and trends, and provide recommendations for continuous improvement.
- Serve as a subject matter expert on application security, providing guidance and mentorship to other teams in the company.
Is this you?
The Payoneers are:
Accountable | Adaptable | Collaborative | Communicative | Fast Learners | Independent | Motivated | Problem Solvers | Resilient | Technically Proficient
Have you done this kind of stuff?
- 3+ years’ experience working as an Application Security Expert/Engineer/Architect or in a similar role.
- Experience and in-depth understanding of CI/CD workflows and methodology (Azure DevOps is an advantage)
- Strong knowledge of cloud computing platforms such as AWS, Azure, or Google Cloud, and their associated security services and features and deep understanding of cloud security principles and industry best practices.
- Multi-task skills: ability to work on multiple projects in parallel, providing application security support for different teams and initiatives in the company.
- Excellent communication and collaboration skills, with the ability to effectively convey complex security concepts to technical and non-technical stakeholders.
Advantages:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Hands-on experience with cloud security products such as Wiz, Aqua, etc.
- Hands-on skills with Microsoft enterprise ecosystem, including Active Directory/Azure Entra ID, Office 365 APIs, Azure Cloud services.
- Hands-on skills with AWS, Azure and GCP including work with API/SDK and CLI.
- Strong knowledge and experience with Kubernetes platform and services.
- Experience in evaluating and selecting cloud security solutions from both in-house solutions and third-party vendors.
- Relevant certifications (e.g., CCSP, AWS Certified Solutions Architect - Professional, Azure Solutions Architect Expert) are highly desirable.
- Experience/familiarity (hands-on) with security tools integrated into our CI/CD and production environments such as SonarQube, Snyk, Aqua, etc.
- Code review skills, mainly DotNet & Python
- Additional skills related to Secure Software Development Lifecycle (SSDLC) and Application Security (AppSec) further enhance the candidate's value. These skills may include risk assessments, threat modeling, vulnerability assessments or penetration testing and secure SDLC methodologies (such as Agile or DevSecOps)
- Experience in fintech or financial services industry
- Familiarity with regulatory requirements and compliance standards in the financial industry, such as PCI DSS, PSD2 and GDPR
What will your day-to-day job look like?
In your work, you will work closely with the different R&D groups and teams, providing application security guidance, discussing security challenges, reviewing new or changes in existing business flows and features, approve/decline, and/or provide guidelines and requirements to secure them. You will assist in researching for security solutions when needed and in overall security strategy and vision. You will explore existing vulnerabilities and risks to estimate the likelihood and impact, and strive to resolve them or reduce the risk by R&D, the DevOps team, or within the Cyber team. You will own some of the security tools (like Wiz, Snyk, Aqua) and will work to improve their coverage and configuration, and to route the security violations to the right owner for mitigation.
What will you not do as part of your role?
You will not act as an architect of a specific product and will not design security solutions from scratch. You may help to design secure frameworks like migrating data from on-prem to the cloud, or creating a secure environment for new technologies. You will provide requirements and guidelines, review findings from security tools, but will not do the actual implementation of fixes or the deployment of security tools and solutions.
Who we are:
Payoneer (NASDAQ: PAYO) is the world’s go-to partner for digital commerce, everywhere. From borderless payments to boundless growth, Payoneer promises any business, in any market, the technology, connections and confidence to participate and flourish in the new global economy. Powering growth for customers ranging from aspiring entrepreneurs in emerging markets to the world’s leading brands