At PayPal (NASDAQ: PYPL), we believe that every person has the right to participate fully in the global economy. Our mission is to democratize financial services to ensure that everyone, regardless of background or economic standing, has access to affordable, convenient, and secure products and services to take control of their financial lives.
Job Description Summary:
The Information Security Risk Manager within the Technology and Information Security Oversight team seeks to enhance our quantitative cyber risk oversight practice. This position requires building trust within our technology and security organizations across PayPal business units and diving deep into information protection-related processes and procedures.
We are searching for cybersecurity, technology, risk, and data professionals to join the Technology and Information Security Oversight (TISO) organization as part of the newly formed Information Security Risk Reporting and Analytics team. We believe quantitative analysis provides the most accurate measure of risk, mitigates bias, and that data is fun. The role will evaluate existing metrics and develop new ones to provide data-driven views of the company's technology and security maturity. You will also provide analysis and reporting to assist leaders in prioritizing investments and remediation efforts.
Job Description:
Organizational Overview
Technology and Information Security Oversight (TISO) is responsible for providing the Second Line of Defense (SLOD) oversight function over Technology, Data and Security. The team provides risk visibility through risk trending and risk analysis to effectively challenge the capability provided by the First Line of Defense (FLOD) organization. All risk disciplines ensure PayPal meets its regulatory and business objectives.
Professional Summary/Responsibilities
As a fair and unbiased person of integrity, you will assess existing processes for adherence to the NIST framework to provide accurate visibility of technology and security risk for the company. You will collaborate with partners to develop models for measuring maturity and risk, and contribute to and challenge the existing models.
In your day-to-day role you will:
• Work and collaborate with a diverse team of cybersecurity, technology, risk, and data professionals.
• Build relationships and trust with technology, security, and risk partners across a global organization.
• Discover, assess, and monitor the maturity of NIST Detect and Respond functions such as application security, risk-based vulnerability management, and attack surface management.
• Develop new or improve existing quantitative risk metrics for the above processes.
• Work with data engineering and data analytics teams to obtain the datasets required for measuring the risk metrics.
• Collaborate with other oversight managers to provide evidence-based credible challenge to Risk Assessments.
• Analyze new and existing datasets to provide deeper insights and facilitate measurement of KPIs/KRIs.
• As the expert on your metrics and dataset, collaborate with risk partners to build multi-dimensional risk analysis.
Professional Qualifications