Global InfoSec / IT Testing Manager in Chandler at PayPal

Date Posted: 2/21/2018

Job Description

Fueled by a fundamental belief that having access to financial services creates opportunity, PayPal (NASDAQ: PYPL) is committed to democratizing financial services and empowering people and businesses to join and thrive in the global economy. Our open digital payments platform gives PayPal’s 210 million active account holders the confidence to connect and transact in new and powerful ways, whether they are online, on a mobile device, in an app, or in person. Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom, enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.

The Enterprise Risk, Compliance, and Security (ERCS) Testing Team is seeking a Manager, Global InfoSec/IT Testing to support the Testing Program within the Second Line of Defense (SLOD). The Manager will be responsible for playing a key role in implementing, for PayPal globally, a comprehensive, risk-based Testing program to assess information security and information technology risks, business controls, and regulatory obligation adherence. A team of Testing Associates will report directly to this role. Effective management and prioritization skills will be critical for the candidate, focusing on the strategic execution of the InfoSec/IT Testing Program.

Primary Job Responsibilities:

  • Serve as a SLOD Subject Matter Expert/Point of Contact for InfoSec/IT Testing.
  • Support the SLOD team leadership in the management and execution of the Testing Program.
  • Create and maintain regular reporting of Testing results.
  • Lead, support and coach a team of InfoSec / IT Testing Associates.
  • Design SLOD Testing of business controls and regulatory obligation adherence.
  • Review the work that is performed by the team of Testing Associates to ensure quality.
  • Coordinate with Privacy/InfoSec/IT SMEs within ERCS to ensure Testing covers appropriate risks, and results are disseminated to the appropriate decision makers in a timely manner.
  • Handle both proactive and reactive needs arising from additional oversight and manage corresponding take away items.


  • Must have a strong understanding of business controls, InfoSec / IT regulatory requirements and Testing design, management and execution.  
  • Advanced analytical, cross-referencing and deductive reasoning skills.
  • Excellent project management, organizational, communication, presentation and interpersonal skills.
  • Skill in focusing on desired results, determining what is important and urgent, clarifying next steps, and delegating effectively to meet deadlines and achieve desired results.
  • Excellent ability to analyze compliance risks in complex business processes, and recommend controls to mitigate those risks.
  • Thrives in a fast-paced environment while maintaining composure, and is able to make sound decisions under pressure.
  • Ability to work within a matrixed international environment and cross-functionally with operations and technology functions.
  • Excellent executive presentation and project management skills with the ability to successfully execute multiple projects at one time and across global time zones.
  • Ability to collaborate across levels and hold a level of influence, organizing and motivating others, including those who are in more senior positions.
  • Must display a high level of professional judgment, commitment, integrity, teamwork, and customer service.
  • Knowledge of English mandatory, French/German is considered a plus.


  • 6+ years of experience with Big Four, internal audit, and/or testing with a focus on Information Security, IT, and Data Protection.
  • Familiarity with SSAE16 SOC1/SOC2, PCI and standards such as NIST and ISO.
  • Familiarity with E.U. data protection and privacy regulations, such as PSD2 and GDPR.
  • Familiarity with U.S. privacy regulations is a plus.

Preferred qualifications:

  • Big 4, or management/IT consulting experience
  • CISSP, CISM, CISA, CIPP and similar certifications
  • Understanding of fintech, e-commerce, cloud computing, operating systems, web technologies and enterprise security architecture.
  • Familiar with Risk Management, ITIL, ISO 27k, ethical hacking concepts
  • Experience with business continuity planning and testing, third-party security management, and secure build methodologies


  • BS degree in Computer Information Systems, Computer Science or relevant or related field

We're a purpose-driven company whose beliefs are the foundation for how we conduct business every day. We hold ourselves to our One Team Behaviors, which demand that we hold the highest ethical standards, empower an open and diverse workplace, and strive to treat everyone who is touched by our business with dignity and respect. Our employees challenge the status quo, ask questions, and find solutions. We want to break down barriers to financial empowerment. Join us as we change the way the world defines financial freedom.

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities.