PayPal is looking for a Technology and Information Security Oversight Manager.
Job Description:
Participate to the Technology and Information Security Oversight governance and operations of PayPal regulated entities operating in EMEA
- Contribute in the implementation of the information security strategy aligned with business objectives, and regulatory requirements
- Participate to the regional policies and processes lifecycle to address risk and compliance obligations
- Verify that Technology and Information Security policies and procedures adequately address regional regulatory and risk requirements
- Maintain and report business-relevant metrics to measure the efficiency and effectiveness of technology controls
- Implement information security awareness and training as part of the global awareness program
Manage and oversee Technology and Information Security risks
- Support technology risk management framework in cooperation with the risk and compliance functions
- Monitor and report key risk indicators (KRI)
- Monitor technology and information security trends to understand potential new threats, vulnerabilities and control deficiencies to maintain the effectiveness of the risk management framework
- Maintain security risk management framework properly documented and updated. Re-evaluate effectiveness of the risk management framework after major changes.
- Oversee known information security issues and monitor remediation progress.
- Participate in development, review and test of Business Continuity Plans and Disaster Recovery Plans
Maintain regulatory compliance and regulatory engagement
- Ensure conformity with policies and regulatory obligations.
- Monitor and evaluate emerging regulations
- Support actively audits and regulatory inspections
Test and validate the control framework
- Verify that controls in place to detect and prevent the emergence of technology related risks are properly documented and effectively applied
- Participate in the continuing development of security testing plan
- Evaluate and report on control effectiveness and coverage based on the security testing results.
Enable key business initiatives and projects
- Participate, coordinate and deliver on key business projects and initiatives as subject matter expert for the second line of defense
- Act as a key member of PayPal leadership team, bridging the needs of the region with global technology and information security oversight expertise and leadership.
- Participate in product development to ensure technical alignment with requirements
- Maintain and report on adequacy of control remediation plans and evidence to close remediation actions
The skills that set you apart
- Bachelor’s degree.
- 3+ years of experience in Information Technology, Information Security, Enterprise Risk Management or Technology Advisory
- International experience over cross-functional matrix team structures
- Critical thinker with strong problem-solving skills
- Experience in risk management methodologies, control frameworks and industry standards (e.g. ISO, COBIT, NIST, ITIL, ENISA, PCI).
- Valid and relevant professional certifications (e.g. CISSP, CISM, CISA, CRISC, CCSP, PCI-ISA)
- Experience in technology regulatory obligations in EMEA (e.g. CSSF, ECB, EBA, FCA/PRA, CBR)
- Strong oral and written communication skills, multilingualism is recommended.