Information Security Risk Manager

PayPal   •  

Scottsdale, AZ

Industry: Consumer Technology

  •  

11 - 15 years

Posted 90 days ago

This job is no longer available.

Job Description

Fueled by a fundamental belief that having access to financial services creates opportunity, PayPal (NASDAQ: PYPL) is committed to democratizing financial services and empowering people and businesses to join and thrive in the global economy. Our open digital payments platform gives PayPal’s 267 million active account holders the confidence to connect and transact in new and powerful ways, whether they are online, on a mobile device, in an app, or in person. Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.

This position will be responsible for supporting and executing the Information Security risk management and technical control testing programs for PayPal Holdings, Inc. The position will partner with IT technical staff and leadership to assess and measure risks, identify required controls, and test and validate control effectiveness. Risk assessments will include a combination of qualitative and quantitative measures to determine overall risk ratings. Control objectives will be assessed with technical teams to identify and assess control design and operating effectiveness. Risk and control reporting will be provided to leadership to assist in strategic decision-making activities to strengthen PayPal’s security posture.

PayPal (NASDAQ: PYPL) is committed to democratizing financial services and empowering people and businesses to join and thrive in the global economy. Our open digital payments platform gives PayPal’s 210 million active account holders the confidence to connect and transact in new and powerful ways, whether they are online, on a mobile device, in an app, or in person.

Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.

PayPal is looking for new members of a team responsible for managing, implementing and maintaining the Information Security Risk Assurance program within PayPal Holdings, Inc. This team manages the risk program for Information Security, including identifying, measuring, and reporting on risk. Additionally, this team ensures the effectiveness of information security and IT controls by working with control owners to design and test controls to meet PayPal standards and regulatory requirements. The candidate will partner with IT technical staff, as well as internal risk and compliance teams. The team is responsible for providing a range of support activities that enables and ensures the organization can meet its risk goals and demonstrate compliance with policy.

Areas of focus include information security, computer operations, systems development and application controls. Governance Risk and Compliance (GRC) activities include providing risk oversight and managing the ongoing execution of risk assessments and testing of key controls. Activities will implement/leverage GRC tools for on-boarding and automating more quantitative scoring of control effectiveness/maturity and corresponding risk reduction. Additionally, activities include the creation, tracking, and reporting of key risk indicators.

Responsibilities

  • Interpret and influence PayPal Information Security policies, standards, and IT/security controls.
  • Planning, supporting, facilitating, coordinating and executing Information Security risk assessments.
  • Apply qualitative and quantitative measures to calculate and supportrisk ratings
  • Participate in developing and maintaining the overall Governance Risk and Compliance (GRC) management process and strategy.
  • Work in collaboration with corporate risk management and various technical teams in the design and implementation of control self-assessments, and risk assessments for Information Security.
  • Create, document, and implement control test plans, scripts, and procedures.
  • Investigate, analyze and document reported control defects.
  • Partner with Issues Management, Standards and Compliance teams to develop effective process for monitoring, reporting and escalating compliance related issues and exceptions.
  • Work with cross-functional teams in performing reviews and tests of IT internal controls to ensure teams are operating adequate controls.
  • Partner with Security Awareness teams to proactively promote enhanced security controls and training across IT and business units.
  • Create, monitor data points into the IT risk management activities, including monthly dashboards, metrics, and reporting (e.g., GRC tool dashboards).
  • Directs IT functional teams in the development, implementation, monitoring and reporting of control processes.
  • Advises IT and business executives on the status of risks and security findings.
  • Develop automated process to document and score IT/Security control effectiveness based on maturity level and map to corresponding residual risk scores.

Job Requirements

  • 10+ years of combined experience in related information security and technology fields, and risk and control governance.
  • 4+ years of experience with technology risk assessment and control validation
  • Broad security knowledge across common industry security standards (e.g., ISO, NIST, COSO, COBIT, and others).
  • Possess either of the following certifications: CISSP, CISA, CISM, or GIAC.
  • Familiarity with risk management methodologies and tools such as FAIR, RiskLens, or similar is a plus.
  • Technical knowledge of security technologies and architecture in multiple security domains (such as infrastructure hardening, privileged access, data security, endpoint security, anti-malware, networksecurity, application security and others).
  • Advanced MS Office skills: Word, PowerPoint, Excel & Database
  • Excellent writing and verbal communication skills, interpersonal and presentation skills and the proven ability to influence and communicate effectively.
  • Ability to plan, organize, and meet deadlines without close supervision
  • Bachelor’s degree from an accredited college (Information Technology, Information Assurance, Cyber Security or related disciplines preferred)

We are a purpose-driven company whose beliefs are the foundation for how we conduct business every day. We hold ourselves to our One Team Behaviors which demand that we hold ourselves to the highest ethical standards, to empower an open and diverse workplace, and strive to treat everyone who is touched by our business with dignity and respect. Our employees challenge the status quo, ask questions, and find solutions. We want to break down barriers to financial empowerment. Join us as we change the way the world defines financial freedom.

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities.


We're a purpose-driven company whose beliefs are the foundation for how we conduct business every day. We hold ourselves to our One Team Behaviors which demand that we hold the highest ethical standards, to empower an open and diverse workplace, and strive to treat everyone who is touched by our business with dignity and respect. Our employees challenge the status quo, ask questions, and find solutions. We want to break down barriers to financial empowerment. Join us as we change the way the world defines financial freedom.

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities.

R0037068