Please note that this site has updated features that do not run on older versions of Internet Explorer. For an optimal experience, please use another browser or the most recent version of IE.

Tech & Infosec Governance Analyst in Shanghai at PayPal

Date Posted: 10/20/2020

Job Snapshot

Job Description

Fueled by a fundamental belief that having access to financial services creates opportunity, PayPal (NASDAQ: PYPL) is committed to democratizing financial services and empowering people and businesses to join and thrive in the global economy. Our open digital payments platform gives PayPal’s 325 million active account holders the confidence to connect and transact in new and powerful ways, whether they are online, on a mobile device, in an app, or in person. Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.

Technology & Information Security Governance Analyst

Do you want to help create the future of money? PayPal is focused on enabling commerce. We want to make it easier and safer to shop and pay for things you want, anywhere and at any time. We are focused on developing solutions that deliver value for our large merchant and consumer base.  

We are looking for a team player to join our growing Technology and Information Security Team. The Governance Analyst will serve as a subject matter expert and will work closely with the Information Security Officer and Global Technology Compliance teams to provide internal Governance, Risk and Compliance support for technology and information security areas. The individual will be responsible for assisting in various types of assessments and audits, including but not limited to regulatory inspections, compliance audits, internal and external reporting.


  • Understand and apply the enterprise policies, standards and framework for governance, risk & compliance.
  • Support IT & Information Security compliance programs under Technology and Information Security Oversight function.
  • Work with different stakeholders and external auditors to maintain up-to-date documentation for scoping, testing and remediation of technology and security controls.
  • Work with different stakeholders and external auditors to obtain and fulfill evidence requests as per the timelines committed.
  • Validate the key controls with the stakeholders on a periodic basis to provide an early warning to management for timely correction and remediation action.
  • Assess audit findings / gaps including control weaknesses in coordination with different stakeholders and assist with development of management action plans.
  • Provide control consulting services to control owners and assist in redesigning the efforts that improve/automate the control environment.
  • Partner with internal colleagues to understand expectations for managing cross-functional risks and dependencies; deploy processes to comply with policy expectations which may require implementation of required controls and on-going monitoring & reporting.
  • Developing and presenting recommendations to management based on risk and compliance impact in a Subject Matter Expertise capacity for multiple risk and compliance initiatives.
  • Support driving overall risk management reporting, compliance documentation and the overall governance of IT and security

The ideal candidate will:

  • 5+ years of experience in IT/Technology/Information Security Internal Audit, ERM, or consultancy. Experience from Big-4 audit firms is a big plus.
  • Utilize a deep understanding of International standards and Chinese regulations (e.g. CSL, MLPS, PCI-DSS, UPI-DSS etc.) to evaluate and recommend best approach to mitigating risk with best in class controls.
  • Be able to engage at all levels of the organization to organize, drive and communicate results.
  • Operate in a fast-paced environment and able to handle a number of simultaneous projects and tasks while demonstrating urgency and ownership to drive issues to completion.
  • Possess strong oral and written communication skills along with refined presentation skills and the ability to work with other departments and varying levels of management, including senior leadership.
  • Have strong ability to work with minimum direction and possess a high drive for results.
  • Bachelors degree in Computer Science, Engineering, or Information Management Systems
  • Certifications highly desired (CISA, CIA, CISM, CISSP, CRISC, etc.)

We're a purpose-driven company whose beliefs are the foundation for how we conduct business every day. We hold ourselves to our One Team Behaviors which demand that we hold the highest ethical standards, to empower an open and diverse workplace, and strive to treat everyone who is touched by our business with dignity and respect. Our employees challenge the status quo, ask questions, and find solutions. We want to break down barriers to financial empowerment. Join us as we change the way the world defines financial freedom.

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at