Please note that this site has updated features that do not run on older versions of Internet Explorer. For an optimal experience, please use another browser or the most recent version of IE.

Sr. Cybersecurity Risk Engineer in Austin at PayPal

Date Posted: 4/9/2021

Job Snapshot

Job Description

Fueled by a fundamental belief that having access to financial services creates opportunity, PayPal (NASDAQ: PYPL) is committed to democratizing financial services and empowering people and businesses to join and thrive in the global economy. Our open digital payments platform gives PayPal’s 375 million active account holders the confidence to connect and transact in new and powerful ways, whether they are online, on a mobile device, in an app, or in person. Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.

PayPal is committed to democratizing financial services for the global citizens. We are looking for a high-energy, passionate, and self-driven Sr. Cybersecurity Risk Engineer, to build and deliver capabilities and services to continuous assess our threat models and analyze impacts of the rapidly evolving global landscape. The Sr. Cybersecurity Risk Engineer will maintain the library of technical and operational risk models and will have responsibilities to partner and collaborate across multi-functional teams to gain deep insight into our dynamic environments and evolving security capabilities. Participate in strategic initiatives and influence business priorities through awareness and advocacy of trending cybersecurity threats and events. If you are passionate about applied technical cybersecurity, and assessing & analyzing for threats to determine operational and technical risks, then come and join our ECS team by applying for this role.

Be a technical thought leader as part of PayPal's Enterprise Cyber Security team. Bring security expertise in threat and risk management as well as a cloud-first mindset to a challenging and dynamic environment.

Research and Analyze Threats & Impacts

  • Develop technical hands-on knowledge and experience of PayPal’s global infrastructure and capabilities, and gain deep understanding of the company’s capabilities.
  • Partner with cross-functional team leads to gain awareness of evolving business and technical threat landscape, including strategic business roadmaps and external industry events & campaigns.
  • Develop and maintain technical and operational risk framework to analyze for threats and impacts based on classes of threat actors and capabilities, our defensive capabilities, and our operational business models and the threat trends as they evolve globally.
  • Perform and apply quantitative analysis against various threat scenarios to develop and prioritized unanticipated impacts against PayPal.

Technical Writing, Communicate and Influence

  • Own and maintain the library of threat models with detailed business impact analysis.
  • Publish prioritized technical & operational risk models that will be consumed by the stakeholders from variety of business and technical acumens.
  • Maintain in-depth and detailed attack surface analysis and effectiveness of defensive capabilities.
  • Leverage data to influence the business – demonstrate and highlight high risks areas and decisions.

Impact on the Business

  • Influence business priorities and organizational decisions through operational cadences to provide awareness and education of impending and changing threats and impacts.
  • Collaborate across multilayer stakeholders from engineers to business leaders.
  • Partner with the security product management team to provide insights to assist in roadmap prioritization.
  • Responsible for defining metrics to measure success and performance.

Experience Requirements

  • Minimum of 9 years’ experience in technical security role at a large, global company in dynamic and fast-changing market or as a security consultant in large, global enterprises.
  • Demonstrated experience and confidence on hands-on assessment of multi-discipline of technology, including security infrastructure and products, hybrid cloud infrastructure, DevOps tools, web and mobile technologies.
  • Deep subject matter expertise in threat modeling concepts, approaches and methods. Knowledgeable in common threat assessment frameworks, such as STRIDE, PASTA, DREAD, etc., and understand nuance on effective application of the methods.
  • Experience in quantitative risk frameworks and perform business impact analysis, such as FAIR, OCTAVE, COBIT, etc.
  • Experience with large software engineering and security engineering organizations.
  • Excellent communication and technical writing skills.

Competency Requirements

  • Demonstrated ability to assess complex business problems, perform technical assessments, and perform operational business assessments.
  • Ability to lead discussions and align cross-functional teams to security concepts and risks.
  • Develop the business, information, and technical artifacts that articulates and describes technical threats, business impacts and operational risks.

We're a purpose-driven company whose beliefs are the foundation for how we conduct business every day. We hold ourselves to our One Team Behaviors which demand that we hold the highest ethical standards, to empower an open and diverse workplace, and strive to treat everyone who is touched by our business with dignity and respect. Our employees challenge the status quo, ask questions, and find solutions. We want to break down barriers to financial empowerment. Join us as we change the way the world defines financial freedom.

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at paypalglobaltalentacquisition@paypal.com.

R0066254