Senior Cybersecurity Threat Analyst
PayPal, Scottsdale, AZ, United States
Detection Engineer
PayPal has been revolutionizing commerce globally for more than 25 years. Creating innovative experiences that make moving money, selling, and shopping simple, personalized, and secure, PayPal empowers consumers and businesses in approximately 200 markets to join and thrive in the global economy. We're looking for a forward-thinking Detection Engineer to join our Threat Detection team within Security Operations. This role is focused on building high-fidelity, scalable detections that reduce risk and improve response effectiveness across enterprise, cloud, and product environments. You will partner closely with Incident Response, Threat Intelligence, Product Security, and Platform teams to design resilient detection strategies, close visibility gaps, and continuously improve our defensive posture. This role goes beyond writing alerts. It requires strategic thinking, ownership of detection lifecycle maturity, and a strong bias toward measurable impact. Essential Responsibilities: Independently apply security best practices to enhance and optimize cyber threat management, ensuring robust protection and efficiency, while beginning to understand and align security measures with business objectives. Partner with peers and internal teams to drive security initiatives, contribute to cross-functional projects, and at times co-lead efforts to strengthen security posture and cyber threat management. Analyze and resolve security challenges by adapting standard cyber threat management processes and exploring alternative approaches to address complex threats. Influence the quality, efficiency, and effectiveness of the team through informed decision-making, with a potential impact on other teams. Collaborate with key partners to gather and incorporate feedback, driving continuous improvements in cyber threat management. Minimum Qualifications: 3+ years relevant experience and a Bachelor's degree OR Any equivalent combination of education and experience. Core Responsibilities: Translate threat actor TTPs and MITRE ATT&CK techniques into reliable, scalable detections. Maintain high signal-to-noise ratios by minimizing false positives while preserving coverage. Continuously evaluate detection effectiveness and recommend improvements. Collaborate with Incident Response to refine detection based on real-world investigations. Support strategic initiatives such as SIEM and SOAR migrations, detection standardization, and automation scaling. Contribute to detection frameworks, documentation standards, and repeatable processes to mature the program. What You Bring: 5+ years of experience in cybersecurity with a focus on detection engineering, threat hunting, or security automation. Strong hands-on experience with SIEM platforms (Splunk, Sentinel, Google SecOps, etc.) and EDR tools (CrowdStrike, SentinelOne, etc.). Proficiency in SIEM query languages such as SPL or KQL. Solid understanding of adversary behavior, attack lifecycle, and detection engineering principles. Experience building and maintaining automation using scripting languages such as Python or PowerShell. Ability to think strategically about detection coverage, data quality, and operational efficiency. Strong collaboration skills and the ability to influence cross-functional teams. PayPal does not charge candidates any fees for courses, applications, resume reviews, interviews, background checks, or onboarding. When making an application directly, we will never ask you to share passwords, one-time passcodes (OTP), or verification codes. Any such request is a red flag and likely part of a scam. All communication regarding your application will come from official PayPal email domains. If you suspect fraudulent activity, please report it immediately. To learn more about how to identify and avoid recruitment fraud please visit https://careers.pypl.com/contact-us. For the majority of employees, PayPal's balanced hybrid work model offers 3 days in the office for effective in-person collaboration and 2 days at your choice of either the PayPal office or your home workspace, ensuring that you equally have the benefits and conveniences of both locations. Our Benefits: At PayPal, we're committed to building an equitable and inclusive global economy. And we can't do this without our most important asset-you. That's why we offer comprehensive, choice-based programs, to support all aspects of personal wellbeingphysical, emotional, and financialdelivering meaningful value where it matters most.?We strive to create a flexible, balanced work culture with a holistic approach to benefits, including generous paid time off, healthcare coverage for you and your family, and resources to create financial security and support your mental health. PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state, or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at paypalglobaltalentacquisition@paypal.com.
PayPal has been revolutionizing commerce globally for more than 25 years. Creating innovative experiences that make moving money, selling, and shopping simple, personalized, and secure, PayPal empowers consumers and businesses in approximately 200 markets to join and thrive in the global economy. We're looking for a forward-thinking Detection Engineer to join our Threat Detection team within Security Operations. This role is focused on building high-fidelity, scalable detections that reduce risk and improve response effectiveness across enterprise, cloud, and product environments. You will partner closely with Incident Response, Threat Intelligence, Product Security, and Platform teams to design resilient detection strategies, close visibility gaps, and continuously improve our defensive posture. This role goes beyond writing alerts. It requires strategic thinking, ownership of detection lifecycle maturity, and a strong bias toward measurable impact. Essential Responsibilities: Independently apply security best practices to enhance and optimize cyber threat management, ensuring robust protection and efficiency, while beginning to understand and align security measures with business objectives. Partner with peers and internal teams to drive security initiatives, contribute to cross-functional projects, and at times co-lead efforts to strengthen security posture and cyber threat management. Analyze and resolve security challenges by adapting standard cyber threat management processes and exploring alternative approaches to address complex threats. Influence the quality, efficiency, and effectiveness of the team through informed decision-making, with a potential impact on other teams. Collaborate with key partners to gather and incorporate feedback, driving continuous improvements in cyber threat management. Minimum Qualifications: 3+ years relevant experience and a Bachelor's degree OR Any equivalent combination of education and experience. Core Responsibilities: Translate threat actor TTPs and MITRE ATT&CK techniques into reliable, scalable detections. Maintain high signal-to-noise ratios by minimizing false positives while preserving coverage. Continuously evaluate detection effectiveness and recommend improvements. Collaborate with Incident Response to refine detection based on real-world investigations. Support strategic initiatives such as SIEM and SOAR migrations, detection standardization, and automation scaling. Contribute to detection frameworks, documentation standards, and repeatable processes to mature the program. What You Bring: 5+ years of experience in cybersecurity with a focus on detection engineering, threat hunting, or security automation. Strong hands-on experience with SIEM platforms (Splunk, Sentinel, Google SecOps, etc.) and EDR tools (CrowdStrike, SentinelOne, etc.). Proficiency in SIEM query languages such as SPL or KQL. Solid understanding of adversary behavior, attack lifecycle, and detection engineering principles. Experience building and maintaining automation using scripting languages such as Python or PowerShell. Ability to think strategically about detection coverage, data quality, and operational efficiency. Strong collaboration skills and the ability to influence cross-functional teams. PayPal does not charge candidates any fees for courses, applications, resume reviews, interviews, background checks, or onboarding. When making an application directly, we will never ask you to share passwords, one-time passcodes (OTP), or verification codes. Any such request is a red flag and likely part of a scam. All communication regarding your application will come from official PayPal email domains. If you suspect fraudulent activity, please report it immediately. To learn more about how to identify and avoid recruitment fraud please visit https://careers.pypl.com/contact-us. For the majority of employees, PayPal's balanced hybrid work model offers 3 days in the office for effective in-person collaboration and 2 days at your choice of either the PayPal office or your home workspace, ensuring that you equally have the benefits and conveniences of both locations. Our Benefits: At PayPal, we're committed to building an equitable and inclusive global economy. And we can't do this without our most important asset-you. That's why we offer comprehensive, choice-based programs, to support all aspects of personal wellbeingphysical, emotional, and financialdelivering meaningful value where it matters most.?We strive to create a flexible, balanced work culture with a holistic approach to benefits, including generous paid time off, healthcare coverage for you and your family, and resources to create financial security and support your mental health. PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state, or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at paypalglobaltalentacquisition@paypal.com.