About PayPay
PayPay, a fintech company launched in 2018, has surpassed 70 million users in approximately 7 years. Our diverse team comprises members from over 50 countries and regions.
We leverage the latest technologies, including AI, and data to achieve rapid service development and business growth. We are seeking passionate professionals to join us in accelerating the adoption of cashless payments and financial life platforms in Japan, and to collaboratively create new value for our users.
About the Role
Introduction to the Security Architect Team
This team acts as a bridge between SOC, CSIRT, and RedTeam, engaging in both offensive and defensive security. Team members come from various backgrounds, primarily people with SOC experience, as well as CSIRT members, network engineers, and SIEM/log monitoring engineers. Many have prior experience in the security industry and use that knowledge to drive advanced security initiatives.
Background of Recruitment
Having moved past the initial setup phase, we are now in a stage aiming for a more mature organization. A key challenge is the stabilization and hardening of our security infrastructure, especially for enhancing security monitoring. Therefore, knowledge of security, development, and infrastructure is required.
Furthermore, as there are occasions when we face sophisticated attacks, we seek broad expertise not only in devising defenses when attacks occur but also in evaluating security from an attacker's perspective.
Specific Job Responsibilities
Within the department overseeing risk and security, you will be responsible for internal information security tasks necessary for PayPay's business expansion.
Upon joining, you are expected to primarily handle the following tasks:
- Integration and enhancement of SIEM with other services
- Automation of monitoring operations
- Development to support CSIRT
Additionally, depending on your experience and preferences, you may be assigned to the following tasks:
- Hardening and codification of infrastructure environments
- SOC (Security Operations Center) operations
- Threat hunting through integrated log analysis
- Vulnerability information collection, dissemination, and response promotion
- Strengthening cyber resilience through threat intelligence utilization
- Forensic investigation and malware analysis
- Phishing site investigation and response
- Purple Teaming operations
- CSIRT (Computer Security Incident Response Team) operations
- Information security awareness activities (rule formulation, dissemination, education, enforcement)
- Information exchange and cooperation with internal and external related organizations, companies, and associations
Development Environment
- Python, Node.js, Go
- MySQL, Docker, GitHub Actions, AWS
- draw.io, miro.com
- Slack, Zoom
- EDR, SIEM, Proxy, etc.
Appeal of this Position
- You can make full use of your experience and knowledge to produce many outputs in a short period.
- You will have significant autonomy and can flexibly propose and implement improvements.
- Both offensive and defensive perspectives are required.
- You can gain experience in designing and modeling attack predictions using threat intelligence and threat analysis.
- There are opportunities for collaboration, skill development, and job changes with the Red Team.
Required Experience/Skills
Individuals who can proactively promote business efficiency and automation using AI, and have experience in at least two of the following:
- 2+ years of application/cloud infrastructure development experience using cloud environments like AWS, GCP, etc.
- 2+ years of experience in vulnerability assessment, etc.
- 2+ years of experience in a CSIRT organization
- 2+ years of experience in a SOC organization
- Basic knowledge or experience in general information security
Desirable Experience/Skills
- Experience in building and operating SIEM
- Understanding, building, and operating cloud services (AWS, GCP, etc.)
- Experience in coordination with multiple departments or equivalent communication skills
- English communication skills (daily conversation level or higher, emphasis on reading and writing)
- Work experience in financial institutions or payment companies
- Knowledge of NIST Cybersecurity Framework
- Knowledge of MITRE ATT&CK
- Experience in forensic investigation and malware analysis
- *Note: We also welcome applications from cloud infrastructure engineers who are interested in the security field.*
PayPay's Ideal Candidate Profile
- Individuals who align with PayPay 5 senses
Terms and Conditions
Employment Type
Work Location
- Hybrid Workstyle (office, home, or satellite office for remote work)
- *Attendance/remote work will be determined according to organizational rules and work instructions.*
- *Use of satellite offices will follow departmental rules.*
Working Hours
- Super Flex System (no core time)
- Principle: 9:00 AM - 5:45 PM (7 hours 45 minutes actual work + 1 hour break)
Holidays
- Saturdays, Sundays, public holidays, New Year holidays, and company-designated days
Leave (Statutory Leave and Company Benefits)
- Annual paid leave (14 days in the first year, prorated by joining month, usable from joining date)
- Personal leave (5 days per year; 3 or 5 days in the first year depending on joining month)
- *This is PayPay's unique special paid leave system, which can be used for illness/injury/hospital visits for oneself, family, pets, etc.*
Salary
- Annual salary system (includes a portion of fixed overtime pay)
- Determined according to company regulations based on experience, skills, performance, and contribution
- Reviewed once a year
- Special bonus (incentive) paid once a year based on company performance and individual contribution
- Overtime work allowance, late-night work allowance available
- *Note: A portion of your salary can be received in your PayPay account (supports digital salary payment).*
Benefits
- Social insurance (health insurance, employee pension, employment insurance, worker's accident insurance)
- Corporate defined contribution pension plan