PayNearMe develops technology to facilitate the end-to-end customer payment experience, making it easy for businesses to accept, disburse and manage payments. Our modern and reliable platform lowers the total cost of payments by increasing acceptance rates, driving self-service and simplifying exceptions. We future-proof our clients’ payments roadmap by including all payment types and channels through a single contract and integration. With PayNearMe, businesses can transform the outdated systems holding them back from achieving progress. PayNearMe has over 200 employees, closed a $45M Series D round in June 2023, and is processing over $1B in payments monthly. We’re headquartered in Silicon Valley with our employees distributed all across the U.S. Help us solve our clients’ biggest payment problems. We’re in growth mode and looking to add a talented and experienced Application Security Engineer. This position will report to our Chief Information Security Officer. Job Description Conduct thorough security code reviews for all software releases, including new software developed in-house, as well as third-party and open-source contributions. Identify and assess potential vulnerabilities in code written in various languages, including GO and Ruby, and provide actionable recommendations for mitigation. Collaborate closely with development teams to integrate security best practices into the software development lifecycle. Develop and maintain documentation related to security processes, standards, and guidelines. Utilize SAST and DAST scanning within the CI pipeline and confirm findings to enhance application security. Manage and implement security architecture for API solutions. Qualifications Bachelor’s degree in Computer Science, Information Security, or a related field. 5 years experience as an application analyst and/or conducting security code reviews and vulnerability assessments. 2 years of experience with QA software testing processes and methodologies. Solid understanding of application security principles, with a focus on identifying and mitigating common vulnerabilities. Proficiency in GO and Ruby, with some experience in a current framework, such as Rails or React. Familiarity with APIs and their security implications. Excellent communication and collaboration skills, with the ability to work effectively in a cross-functional team environment. Ability to work independently and as part of a team. Strong analytical and problem-solving skills. Experience with specific security standards and regulations, such as PCI, NYDFS, CCPA, ISO, NIST and/or SoX. Additional Information Base salary per year (paid semi-monthly) Fast- paced and professional work culture Stock options with standard startup vesting – 1 year cliff; 4 years total
- 50 monthly communication expense stipend to go towards your phone/internet bill
- 250 stipend to enhance your WFH setup
Reimbursement for peripheral equipment: monitor (up to $400), keyboard and mouse (up to $200) Premium medical benefits including vision and dental (100% coverage for employees) Company-sponsored life and disability insurance Paid parental bonding leave Paid sick leave, jury duty, bereavement 401k plan Flexible Time Off (our team members typically take off ~3-4 weeks per year) 4-6x / year in-person team meet-ups Salary Range: $160,000 – 175,000 PayNearMe strives to create a workplace where all employees thrive. Ourcore values represent who we are today and we take pride in the way we work with each other as well as with our stakeholders. We’re in this together to do the right thing . We deliver real results we are proud of while remaining respectful , transparent , and flexible . PayNearMe is an equal opportunity employer. We are diligently and thoughtfully working towards cultivating a diverse workforce which in turn, enhances our products and services for the communities we serve. Applicants who represent all backgrounds are strongly encouraged to apply. Alternative formats of this Notice are available to individuals with a disability. Please let us know if you need assistance. All your information will be kept confidential according to EEO guidelines. #J-18808-Ljbffr
ISO standards application-security Ruby on Rails remote work Go pci API ccpa React Ruby sox