This site uses cookies. To find out more, see our Cookies Policy

InfoSec Third Party Analyst in Scottsdale at PayPal

Date Posted: 12/6/2018

Job Snapshot

Job Description

Fueled by a fundamental belief that having access to financial services creates opportunity, PayPal (NASDAQ: PYPL) is committed to democratizing financial services and empowering people and businesses to join and thrive in the global economy. Our open digital payments platform gives PayPal’s 254 million active account holders the confidence to connect and transact in new and powerful ways, whether they are online, on a mobile device, in an app, or in person. Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.

The Information Security Third Party Assessment Analyst will conduct Information Security risk assessments for new and existing third parties using PayPal’s risk assessment tools and framework. Review services provided by vendor and define scope of assessments.

PayPal (NASDAQ: PYPL) is committed to democratizing financial services and empowering people and businesses to join and thrive in the global economy. Our open digital payments platform gives PayPal’s more than 250 million active account holders the confidence to connect and transact in new and powerful ways, whether they are online, on a mobile device, in an app, or in person.

Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.

Safety and trust distinguishes our company from the competition and are at the core of our value proposition to our customer base; consumers, merchants and developers. 

PayPal Information Security is seeking an Information Security Third Party Assessment Analyst to conduct third party risk assessments.

Primary Job Responsibilities

  • Develop a working knowledge of all key third party relationships (current and planned), including out- or co-sourced vendors, third parties who originate products and/or services PayPal uses and/or offers, and third-party relationships in which PayPal’s name or brand is associated with or franchised by others.
  • Conduct Information Security risk assessments for new third parties using PayPal’s risk assessment tools and framework. Review services provided by vendor and define scope
  • Depending on the risk rating calculated, conduct the appropriate level of due diligence per PayPal’s policy, and liaise with all involved stakeholders on function-specific requirements.
  • Ability to travel globally to perform services up to 30% of time.
  • Re-perform Information Security risk assessments on a periodic basis and recertify conformance to PayPal’s requirements through updated due diligence as appropriate. Notify business units of any changes to the risk profile to ensure acceptability.
  • Work closely with the business and IT to understand objectives, goals, and requirements in procuring third party products or services and/or managing third party relationships.
  • Ensure relationships under consideration are strategically, culturally, and ethically aligned with PayPal’s mission and values, and relate to its strategic plan.
  • Directly respond to the needs, requests, and concerns of executive and senior management staff participating in third party relationships. Escalate any issues related to risk assessment results or issues in the due diligence process to the appropriate stakeholder.
  • Validate evidence from third party, before Remediation Plans are closed.
  • Escalate issues associated with third parties as needed.

Skills & Experience

  • Can effectively manage multiple Information Security risk assessments at any given time.
  • Deep and proven understanding of Information Security third party risk management concepts and tools.
  • Ability to effectively document business requirements and translates them into action plans for internal customers.
  • Possesses the internal/external customer relationship skills to effectively work with multiple customers concurrently, with little to no guidance from management.
  • Proficient in risk assessment, interpretation, analytical and negotiation skills.
  • Excellent oral and written communication skills
  • Experience with reviewing External Audit reports (SOC2, SSAE16, PCI-AOC, etc.) to be used for evaluating Information Security control sets

Technical Acumen

  • Must have working knowledge of Information Security control frameworks such as NIST or other industry standards
  • Direct experience testing, auditing or assessing Information Security controls
  • Skills in using GRC tool
  • Certified Third Party Risk Professional (CTPRP) a plus

Leadership

  • Experience debating issues with senior decision makers and pushing back when necessary.
  • Provides leadership to others in the department.
  • Maintain policies and procedures, identify standards, performance criteria, internal controls, processes and systems needed, and recommend enhancements to the program as appropriate.
  • Project management experience and the ability to manage multiple workstreams outside of own organization

Supervision

  • Receives direction in terms of the desired outcome or strategic objectives.
  • Can be given new or special assessments with minimal supervision; has established some working relationships that enable self-direction.
  • Ability to develop innovative approaches, ideas and solutions with minimal or no supervision

We are a purpose-driven company whose beliefs are the foundation for how we conduct business every day.  We hold ourselves to our One Team Behaviors which demand that we hold ourselves to the highest ethical standards, to empower an open and diverse workplace, and strive to treat everyone who is touched by our business with dignity and respect.  Our employees challenge the status quo, ask questions, and find solutions.  We want to break down barriers to financial empowerment.  Join us as we change the way the world defines financial freedom.

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law.  In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities.


We're a purpose-driven company whose beliefs are the foundation for how we conduct business every day. We hold ourselves to our One Team Behaviors which demand that we hold the highest ethical standards, to empower an open and diverse workplace, and strive to treat everyone who is touched by our business with dignity and respect. Our employees challenge the status quo, ask questions, and find solutions. We want to break down barriers to financial empowerment. Join us as we change the way the world defines financial freedom.

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities.

R0040423