Please note that this site has updated features that do not run on older versions of Internet Explorer. For an optimal experience, please use another browser or the most recent version of IE.

Manager, Technology GRC (SOX-404) in Scottsdale at PayPal

Date Posted: 10/20/2020

Job Snapshot

Job Description

Fueled by a fundamental belief that having access to financial services creates opportunity, PayPal (NASDAQ: PYPL) is committed to democratizing financial services and empowering people and businesses to join and thrive in the global economy. Our open digital payments platform gives PayPal’s 325 million active account holders the confidence to connect and transact in new and powerful ways, whether they are online, on a mobile device, in an app, or in person. Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.

Manager – Technology, GRC The Tech GRC Manager (SOX-404), will have the responsibility for managing the PayPal Technology & Security risk & compliance programs as part of the First Line of Defense (FLOD) function for the CTO organization. This position will focus on IT General Controls (ITGCs) and work directly with the PayPal SOX PMO team in coordinating and executing the annual SOX audits with our external audit firm The candidate will lead change and rollout of comprehensive programs to internal controls, as well as compliance obligations (especially SOX compliance) for the TPX organization. The candidate will ensure appropriate controls are in place, key stakeholders are engaged, senior leaders are informed while helping PayPal remain compliant with compliance obligations and avoid events that could adversely impact our business objectives. The ideal candidate must be, without a doubt, passionate about our customers, partners, stakeholders, and technology. Excellent interpersonal skills, communication, and leadership skills will be critical for success. Success depends on building rapport and credibility with multiple stakeholders across the organization to organize and drive execution.


  • Understand and apply the enterprise policies, standards and framework for governance, risk & compliance.
  • Lead IT SOX compliance program under FLOD capacity of CTO organization in accordance with PCAOB standards.
  • Work with different stakeholders and external auditors to maintain up-to-date documentation for scoping, testing and remediation of SOX controls.
  • Work with different stakeholders and external auditors to obtain and fulfill IT evidence requests as per the timelines committed.
  • Validate the key controls with the stakeholders on a periodic basis to provide an early warning to management for timely correction and remediation action.
  • Assess audit findings / gaps including control weaknesses in coordination with different stakeholders and assist with development of management action plans.
  • Provide control consulting services to control owners and assist in redesigning the efforts that improve/automate the control environment.
  • Understand the Enterprise Risk Management standard on how to identify, assess, mitigate, monitor, test and report on risks and controls required by the TPX organization (which includes Technology & Security portfolios)
  • Partner with Second Line of Defense (SLOD) team to understand expectations for managing cross-functional risks and dependencies; deploy processes to comply with policy expectations which may require implementation of required controls and on-going monitoring & reporting.
  • Developing and presenting recommendations to management based on risk and compliance impact in a Subject Matter Expertise capacity for multiple risk and compliance initiatives.
  • Negotiating appropriate remediation plans for identified issues while maintaining internal and external relationships.
  • Provides inputs to overall SOX PMO reporting

The ideal candidate will:

  • 8+ years of experience in IT/Technology/Information Security Internal Audit, ERM, or consultancy. Experience from Big-4 audit firms is a big plus.
  • Utilize a deep understanding of risk management methodologies, frameworks, and principles (e.g. SOX, COBIT, NIST, CSA, ITIL, PCI, GDPR, etc.) to evaluate and recommend best approach to mitigating risk with best in class controls.
  • Be able to engage at all levels of the organization to organize, drive and communicate results.
  • Operate in a fast-paced environment and able to handle a number of simultaneous projects and tasks while demonstrating urgency and ownership to drive issues to completion.
  • Innovate in the PayPal dynamic workplace by designing repeatable, sustainable processes that operationalize the risk management function
  • Possess strong oral and written communication skills along with refined presentation skills and the ability to work with other departments and varying levels of management, including senior leadership.
  • Have strong ability to work with minimum direction and possess a high drive for results.
  • Bachelor’s degree in Computer Science, Engineering, or Information Management Systems
  • Certifications highly desired (CISA, CIA, CISM, CISSP, CRISC, etc.)

We're a purpose-driven company whose beliefs are the foundation for how we conduct business every day. We hold ourselves to our One Team Behaviors which demand that we hold the highest ethical standards, to empower an open and diverse workplace, and strive to treat everyone who is touched by our business with dignity and respect. Our employees challenge the status quo, ask questions, and find solutions. We want to break down barriers to financial empowerment. Join us as we change the way the world defines financial freedom.

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at