Application Security Engineer

At eBay, we're more than a global ecommerce leader — we’re changing the way the world shops and sells. Our platform empowers millions of buyers and sellers in more than 190 markets around the world. We’re committed to pushing boundaries and leaving our mark as we reinvent the future of ecommerce for enthusiasts.

Our customers are our compass, authenticity thrives, bold ideas are welcome, and everyone can bring their unique selves to work — every day. We're in this together, sustaining the future of our customers, our company, and our planet.

Join a team of passionate thinkers, innovators, and dreamers — and help us connect people and build communities to create economic opportunity for all.

About the role and team:

We are seeking an experienced Application Security Engineer to join our Global Information Security Team.

You will be instrumental in analyzing the technical solutions and conduct detailed security assessments of our merchants and acquisitions to ensure they align with business objectives and adhere to our organizational security policies and regulatory requirements.

This role requires a strong foundation in application security, vulnerability management, secure coding practices, and an understanding of the secure software development lifecycle (SDLC).

What you will accomplish:

• Collaborate with multi-functional teams to integrate security measures into the SDLC and provide mentorship on secure coding practices.

• Develop and maintain application security policies, procedures, and standards in line with organizational goals and compliance requirements.

• Perform regular security reviews, code audits, and dynamic application security testing to identify and address vulnerabilities and manage the tracking and remediation of identified security issues in collaboration with development and operations teams.

• Provide expert advice on application security to partners and recommend security improvements and stay abreast of the latest security threats, trends, and technologies to continually improve our security posture.

• Work with compliance teams to ensure that all technical solutions align with relevant industry regulations such as GDPR, HIPAA, PCI-DSS, etc.

• Document security findings, risk assessments, and remediation strategies in a clear and concise manner and assist in the development of security awareness training programs for developers and other relevant staff.

What you will bring:

• Bachelor's or master’s degree in computer science, Information Security, or a related field and 8+ years of experience in application security or a related role.

• Strong understanding of application security principles, OWASP Top 10, and common attack vectors and experience with secure coding practices and security testing tools (SAST, DAST, IAST).

• Knowledge of the secure software development lifecycle and DevSecOps integration.

• Familiarity with various programming languages (e.g., Java, C#, Python, JavaScript) and frameworks.

• Proven track record of handling security projects and work collaboratively with IT and development teams.

• Relevant security certifications (e.g., GWAPT, GWEB, CEH, OSCP) are preferred.

#LI-BB1

The pay range for this position at commencement of employment in California, Washington, or New York is expected in the range below.

Base pay offered may vary depending on multiple individualized factors, including location, skills, and experience. The total compensation package for this position may also include other elements, including a target bonus and restricted stock units (as applicable) in addition to a full range of medical, financial, and/or other benefits (including 401(k) eligibility and various paid time off benefits, such as PTO and parental leave). Details of participation in these benefit plans will be provided if an employee receives an offer of employment.

If hired, employees will be in an “at-will position” and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors.

Please see the Talent Privacy Notice for information regarding how eBay handles your personal data collected when you use the eBay Careers website or apply for a job with eBay.

eBay is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, veteran status, and disability, or other legally protected status. If you have a need that requires accommodation, please contact us at talent@ebay.com. We will make every effort to respond to your request for accommodation as soon as possible. View our accessibility statement to learn more about eBay's commitment to ensuring digital accessibility for people with disabilities.

Jobs posted with location as "Remote - United States (Excludes: HI, NM)" excludes residents of Hawaii and New Mexico.

This website uses cookies to enhance your experience. By continuing to browse the site, you agree to our use of cookies. Visit our Privacy Center for more information.