Fueled by a fundamental belief that having access to financial services creates opportunity, PayPal (NASDAQ: PYPL) is committed to democratizing financial services and empowering people and businesses to join and thrive in the global economy. Our open digital payments platform gives PayPal’s 267 million active account holders the confidence to connect and transact in new and powerful ways, whether they are online, on a mobile device, in an app, or in person. Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom, enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.
The Global Governance Risk and Compliance (GGRC) Testing Team is seeking a Risk & Compliance IT/Privacy Tester to support the Independent Testing Program within the Second Line of Defense (SLOD). This position will be primarily responsible for designing and executing testing engagements and partnering with Subject Matter Experts and other testing teams to ensure that SLOD testing is completed in an effective, efficient, and timely manner. This role requires a self-starter with the ability to operate independently and manage multiple competing priorities with difficult deadlines.
Primary Job Responsibilities:
• Serve as the Compliance SLOD Subject Matter Expert/Point of Contact for testing of IT and Privacy processes.
• Design SLOD testing engagements
• Support and maintain regular reporting as prescribed within the program
• Coordinate with SMEs to ensure testing results are disseminated to the appropriate decision makers in a timely manner.
• Handle both proactive and reactive needs arising from additional oversight and manage corresponding take away items.
• Must have a strong understanding of regulatory requirements and compliance testing design, management and execution.
• Know and support company and departmental procedures; regularly review and ensure that specialists follow procedures, process flows and guidelines.
• Champion change in the organization by supporting others through the phases of change and communicating positively and consistently throughout the change.
• Create an inclusive and trusting work environment and culture so specialists are motivated to perform at their highest level while bringing the best of themselves to work
• Must have a strong understanding of business controls, IT & Privacy regulatory requirements and testing design, management and execution.
• Demonstrated analytical, cross-referencing and deductive reasoning skills.
• Strong project management, organizational, communication, presentation and interpersonal skills.
• Skill in focusing on desired results, determining what is important and urgent, clarifying next steps, and delegating effectively to meet deadlines and achieve desired results.
• Able to maintain composure under pressure and make sound decisions.
• Must display professional judgment, commitment, integrity, teamwork, and customer service.
• Basic knowledge of internal systems and software (Admin Tools, CSA, FDR, Norkom, etc.), and the ability to learn and adapt to new internal processes and systems.
• Proficient in the use of a personal computer and its applications, including Windows and Windows-based applications (Word, Excel, PowerPoint, etc.).
• Thrives working in a fast-paced environment while maintaining composure and able to make sound decisions under pressure.
• Strong communication skills in all formats (verbal, written) and ability to effectively communicate with direct reports, peer team leaders and business unit management.
• 3+ years of experience with Big Four, internal audit, and/or testing with a focus on Information Security, IT, and Data Protection.
• Familiarity with SSAE16 SOC1/SOC2, PCI and standards such as NIST and ISO
• Familiarity with E.U. data protection and privacy regulations, such as PSD2 and GDPR
• Familiarity with U.S. privacy regulations is a plus.
• Big 4, or management/IT consulting experience
• CISSP, CISM, CISA, CIPP and similar certifications
• Understanding of fintech, e-commerce, cloud computing, operating systems, web technologies and enterprise security architecture.
• Familiar with Risk Management, ITIL, ISO 27k, ethical hacking concepts
• Experience with business continuity planning and testing, third-party security management, and secure build methodologies
• BS degree in Computer Information Systems, Computer Science or relevant or related field
We're a purpose-driven company whose beliefs are the foundation for how we conduct business every day. We hold ourselves to our One Team Behaviors which demand that we hold the highest ethical standards, to empower an open and diverse workplace, and strive to treat everyone who is touched by our business with dignity and respect. Our employees challenge the status quo, ask questions, and find solutions. We want to break down barriers to financial empowerment. Join us as we change the way the world defines financial freedom.
PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities.