Need help paying a bill? Click Here

Data Security Analyst

Remote/Silicon Valley

Company Description:

PayNearMe, a service of Handle Financial, is the industry’s only platform that facilitates cash, debit, credit and ACH payments. With its great mobile experience, PayNearMe’s technology provides a simple way for businesses to collect payments through an intuitive, consistent experience for their customers. PayNearMe is the technology company that’s changing how payments are made.

PayNearMe is a small, diverse, and tight-knit company that loves to delight its customers (merchants, consumers, etc.) with simple, useful and practical product/service offerings. PayNearMe is a Silicon Valley technology company that’s in growth mode and looking to add a Data Security Analyst to our team reporting to the Chief Information Security Officer.

Who You Are:

You’re a data security person. You care about ways that good data winds up in bad places. You understand that in a modern company, data analytics are everywhere and the complexity of managing that means the process of securing the integrity and confidentiality of all data is crucial.

What You’ll Do:

You’ll ensure our data is guarded. Or encrypted. Or sanitized. Whatever is appropriate. You’ll ensure that the people (and systems) with a need-to-know have access, and that people who don’t… dont. 

We run a regulated payment network, so you’re playing in the big league. You are responsible for reviewing design and implementation. 

You’ll be working with some of the best people in FinTech. FinTech is about being agile and innovative, but also about being fundamentally reliable. Those objectives are in constant tension and it’s your mission to see that they are met.

Security isn’t an afterthought, and we practice what we preach. This company was built on solid principles from Day 1. You won’t walk into a place where your job is to backfill a bunch of deeply-hidden weaknesses and clean up a bunch of technical debt. 

You are also wrapped in a solid security team that comprehensively covers all aspects of our mission.

Responsibilities:

  • Keep track of data as it migrates through various systems
  • Ensure access controls are appropriate
  • Apply a thorough understanding of our systems and network topologies 
  • Review schemas and data-flows
  • Understand our security model and strategies, and make sure we adhere to them
  • Build or configure tools to find out how, where, and when sensitive data flows: whether internally or externally
  • Advise on privacy policy and help conduct privacy impact assessments
  • Work with our counterparties to ensure they have appropriate data protection
  • Be innately curious about how systems are broken and breached

If you are a strong coder but have limited experience in security, we’re willing to consider helping you become a world-class data security architect.

Typical Qualifications:

  • Understanding of data classification, including CHD (PCI), PII, NPI, California CCPA
  • Knowledge of data storage techniques (SQL, Snowlake, Looker, S3)
  • Understanding of data extraction and transformation techniques (Looker, Kinesis)
  • Understanding of typical security vulnerabilities
  • Knowledge of access control systems (especially IAM)
  • Knowledge of AWS data storage services (such as DynamoDB and RDS). If not, you’ll learn them.
  • Of course: interest in all aspects of security research and development

Perks & Benefits:

  • Location: Flexible (remote working opportunity available)
  • Free gourmet lunches in our Santa Clara office
  • A well-stocked kitchen in our Santa Clara office
  • Company-paid health insurance including medical, dental, and vision
  • Company-sponsored life and disability insurance
  • Stock options package
  • Stimulating start-up culture committed to diversity and inclusion
  • Flexible time off
  • Paid parental bonding leave


CALIFORNIA CONSUMER PRIVACY ACT: APPLICANT NOTICE

Effective Date: January 1, 2020

Last Reviewed on: December 23, 2019

PayNearMe MT, Inc. and Handle Financial, Inc. (collectively, the “Company”) are providing you with this Notice (“Notice”) to inform you about: 

  1. the categories of Personal Information that the Company collects and maintains about applicants; and
  2. the purposes for which the Company uses that Personal Information.

For purposes of this Notice, “Personal Information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly with, a natural person that the Company may collect in connection with screening applicants for job openings at the Company. 

  1. Identifiers and Professional or Employment-Related Information. The Company collects identifiers and professional or employment-related information, which may include some or all the following: real name, nickname or alias, postal address, telephone number, e-mail address, membership in professional organizations, professional certifications, language skills, and current and past employment history. The Company collects this Personal Information to evaluate previous job performance and consider applicants for positions, to develop a talent pool and plan for succession, to conduct applicant surveys, to maintain an internal applicant directory and for purposes of identification, to promote the Company as a place to work, and for workforce reporting and data analytics/trend analysis.
  1. Personal Information Categories from Cal. Civ. Code § 1798.80(e). The Company may collect categories of Personal Information listed in Cal. Civ. Code §1798.80(e), other than those already listed above, (a) to the extent necessary to comply with the Company’s legal obligations, such as to accommodate disabilities; (b) to conduct a direct threat analysis in accordance with the Americans with Disabilities Act and state law; (c) for occupational health and safety compliance and record-keeping; and (d) to respond to an applicant’s medical emergency.
  1. Characteristics of Protected Classifications Under California or Federal Law. The Company may collect information about race, age, national origin, disability, sex, and veteran status as necessary to comply with legal obligations, including the reporting requirements of the federal Equal Employment Opportunity Act, the federal Office of Contracting Compliance Programs (applicable to government contractors), and California’s Fair Employment and Housing Act. The Company collects this Personal Information for purposes including: to comply with Federal and California law related to accommodation. The Company also collects this category of Personal Information on a purely voluntary basis, except where required by law, and uses the information only in compliance with applicable laws and regulations.
  1. Education Information. The Company collects education information such as resumes and graduation records. The Company collects this Personal Information to determine suitability for roles, to determine eligibility for training courses, and to assist with professional licensing.
  1. Profile Data. The Company may collect profile data, including the following: psychological assessments, behavior analyses, or other profiling of its applicants. The Company collects this Personal Information to determine aptitude for certain positions and job assignments as well.
  1. Background Screening Information. In the event that an applicant is given a formal job offer, the Company collects background screening information prior to hiring, including results of the following types of background screening: criminal history; sex offender registration; motor vehicle records; credit history; employment history; drug testing; and educational history. The Company collects this Personal Information to screen for risks to the Company and its clients, and continued suitability for their jobs and to evaluate applicants for promotions.

Assistance for Disabled Applicants

Alternative formats of this Notice are available to individuals with a disability. Please let us know if you need assistance.