PayNearMe, a service of Handle Financial, is the industry’s only platform that facilitates cash, debit, credit and ACH payments. With its great mobile experience, PayNearMe’s technology provides a simple way for businesses to collect payments through an intuitive, consistent experience for their customers. PayNearMe is the technology company that’s changing how payments are made.
PayNearMe is a small, diverse, and tight-knit company that loves to delight its customers (merchants, consumers, etc.) with simple, useful and practical product/service offerings. PayNearMe is a Silicon Valley technology company that’s in growth mode and looking to add an Application Security Analyst to our team reporting to the Chief Information Security Officer.
Who You Are:
You’re an application security person, a special kind of coder. You have a nose for ways systems break when actively exploited. You don’t just care that they work for the typical user: you care that against a hostile party, they don’t give up the goods.
What You’ll Do:
You’ll ensure our transaction processing applications can’t be breached. We run a regulated payment network, so you’re playing in the big league. You are responsible for reviewing design and implementation.
Since you are a coder, you’ll also build security tools.
You’ll be working with some of the best people in FinTech. FinTech is about being agile and innovative, but also about being fundamentally reliable. Those objectives are in constant tension and it’s your mission to see that they are met.
Security isn’t an afterthought, and we practice what we preach. This company was built on solid principles from Day 1. You won’t walk into a place where your job is to backfill a bunch of deeply-hidden weaknesses and clean up a bunch of technical debt.
You are also wrapped in a solid security team that comprehensively covers all aspects of our mission.
- Keep us secure!
- Review the design of new features and products
- Think critically about architectural strengths and weaknesses
- Evangelize and mentor the engineering team about secure coding
- Build security tools
- Be innately curious about how applications are broken, breached, or abused.
If you are a strong coder but have limited experience in security, we’re willing to consider helping you become a world-class security architect.
- 5 or more years developing and/or security-reviewing Ruby (and Rails) code
- Thorough understanding of typical security vulnerabilities
- Knowledge of authentication and authorization, applied cryptography
- Knowledge of web technologies and network protocols
- Bachelor’s degree in CS, engineering, or related field, or equivalent experience
- You know how to use static code analysis tools
- Ability to communicate about security
- Optional: you understand AWS security services (such as IAM and CloudTrail) as well as data storage and processing (such as Kinesis, RDS, and DynamoDB).
- Of course: interest in all aspects of security research and development
Perks & Benefits:
- Location: Flexible (remote working opportunity available)
- Company-paid health insurance including medical, dental, and vision
- Company-sponsored life and disability insurance
- Stock options package
- Stimulating start-up culture committed to diversity and inclusion
- Flexible time off
- Paid parental bonding leave
CALIFORNIA CONSUMER PRIVACY ACT: APPLICANT NOTICE
Effective Date: January 1, 2020
Last Reviewed on: December 23, 2019
PayNearMe MT, Inc. and Handle Financial, Inc. (collectively, the “Company”) are providing you with this Notice (“Notice”) to inform you about:
- the categories of Personal Information that the Company collects and maintains about applicants; and
- the purposes for which the Company uses that Personal Information.
For purposes of this Notice, “Personal Information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly with, a natural person that the Company may collect in connection with screening applicants for job openings at the Company.
- Identifiers and Professional or Employment-Related Information. The Company collects identifiers and professional or employment-related information, which may include some or all the following: real name, nickname or alias, postal address, telephone number, e-mail address, membership in professional organizations, professional certifications, language skills, and current and past employment history. The Company collects this Personal Information to evaluate previous job performance and consider applicants for positions, to develop a talent pool and plan for succession, to conduct applicant surveys, to maintain an internal applicant directory and for purposes of identification, to promote the Company as a place to work, and for workforce reporting and data analytics/trend analysis.
- Personal Information Categories from Cal. Civ. Code § 1798.80(e). The Company may collect categories of Personal Information listed in Cal. Civ. Code §1798.80(e), other than those already listed above, (a) to the extent necessary to comply with the Company’s legal obligations, such as to accommodate disabilities; (b) to conduct a direct threat analysis in accordance with the Americans with Disabilities Act and state law; (c) for occupational health and safety compliance and record-keeping; and (d) to respond to an applicant’s medical emergency.
- Characteristics of Protected Classifications Under California or Federal Law. The Company may collect information about race, age, national origin, disability, sex, and veteran status as necessary to comply with legal obligations, including the reporting requirements of the federal Equal Employment Opportunity Act, the federal Office of Contracting Compliance Programs (applicable to government contractors), and California’s Fair Employment and Housing Act. The Company collects this Personal Information for purposes including: to comply with Federal and California law related to accommodation. The Company also collects this category of Personal Information on a purely voluntary basis, except where required by law, and uses the information only in compliance with applicable laws and regulations.
- Education Information. The Company collects education information such as resumes and graduation records. The Company collects this Personal Information to determine suitability for roles, to determine eligibility for training courses, and to assist with professional licensing.
- Profile Data. The Company may collect profile data, including the following: psychological assessments, behavior analyses, or other profiling of its applicants. The Company collects this Personal Information to determine aptitude for certain positions and job assignments as well.
- Background Screening Information. In the event that an applicant is given a formal job offer, the Company collects background screening information prior to hiring, including results of the following types of background screening: criminal history; sex offender registration; motor vehicle records; credit history; employment history; drug testing; and educational history. The Company collects this Personal Information to screen for risks to the Company and its clients, and continued suitability for their jobs and to evaluate applicants for promotions.
Assistance for Disabled Applicants
Alternative formats of this Notice are available to individuals with a disability. Please let us know if you need assistance.