Information Security Governance in Scottsdale at PayPal

Date Posted: 11/5/2018

Job Description

Fueled by a fundamental belief that having access to financial services creates opportunity, PayPal (NASDAQ: PYPL) is committed to democratizing financial services and empowering people and businesses to join and thrive in the global economy. Our open digital payments platform gives PayPal’s 254 million active account holders the confidence to connect and transact in new and powerful ways, whether they are online, on a mobile device, in an app, or in person. Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom, enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.

This position will be responsible for supporting the Information Security Governance program within PayPal Holdings, Inc. The incumbent will partner with IT technical staff, as well as internal risk and compliance teams to: provide oversight of the ongoing execution of key controls; implement/leverage GRC tools for on-boarding and automating quantitative scoring of control effectiveness/maturity; assess, track & report control deficiencies and remediation activities.

Responsibilities:

  • Translate PayPal standards, regulatory and business requirements into remediation recommendations.
  • Possess a strong technical background in security controls and technologies.
  • Participate in developing and maintaining the overall Governance Risk and Compliance (GRC) management process and strategy.
  • Work in collaboration with corporate compliance, risk management and various technical teams in the design and implementation of controls self-assessments, risk assessment and regulatory compliance practices for IT.
  • Opportunity to mentor cyber assurance analysts.
  • Create, document, and implement process improvements.
  • Investigate, analyze and document reported control defects.
  • Create and maintain technical process documentation using defined (e.g., GRC tool and documented procedures).
  • Partner with Issues Management, Standards and Compliance teams to develop an effective process for monitoring, reporting and escalating issues and exceptions.
  • Work with cross-functional teams in performing reviews of IT internal controls to ensure teams are operating adequate controls.
  • Create and monitor data points for IT risk management activities, including quarterly dashboards, metrics, and reporting (e.g., GRC tool dashboards).
  • Advise IT and business executives on the status of security findings, technology risks and compliance issues based on assessment results and information from various discovery sources, monitoring and control systems.
  • Mature processes to document and score IT/Security control effectiveness based on maturity level and map to corresponding residual risk scores.

Qualifications:

  • 10+ years of experience in compliance and identification of risk within a large enterprise.
  • Demonstrate broad security knowledge across common industry security standards (e.g., ISO, NIST, COSO, COBIT, PCI, FFIEC, SOX, SSAE16, and others).
  • Possess one of the following certifications: CISSP, CISA, CISM, or GIAC.
  • Strong technical knowledge of security technologies and architecture in multiple security domains (such as infrastructure hardening, privileged access, data security, endpoint security, anti-malware, network security, application security and others).
  • 6+ years of experience implementing and managing GRC technologies (e.g. Archer, ServiceNow) used for risk and compliance processes.
  • Advanced MS Office skills: Word, PowerPoint, Excel & Database.
  • Excellent writing and verbal communication skills, interpersonal and presentation skills and the proven ability to influence and communicate effectively.
  • Bachelor’s degree from an accredited college (Information Technology, Information Assurance, Cyber Security or related disciplines preferred).

We're a purpose-driven company whose beliefs are the foundation for how we conduct business every day. We hold ourselves to our One Team Behaviors which demand that we hold the highest ethical standards, to empower an open and diverse workplace, and strive to treat everyone who is touched by our business with dignity and respect. Our employees challenge the status quo, ask questions, and find solutions. We want to break down barriers to financial empowerment. Join us as we change the way the world defines financial freedom.

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities.

R0037068