Who we are: At PayPal (NASDAQ: PYPL), we believe that every person has the right to participate fully in the global economy. Our mission is to democratize financial services to ensure that everyone, regardless of background or economic standing, has access to affordable, convenient, and secure products and services to take control of their financial lives. We’re a purpose-driven company, and our beliefs are the foundation of how we conduct business every day. We’re guided by our core values of Inclusion, Innovation, Collaboration, and Wellness. Collectively, these values inspire us to work together as One Team with our customers at the center of everything we do, and to take care of ourselves, each other, and the communities in which we live and work. We challenge the status quo, ask questions, and find solutions. Join us as we enable the hopes, dreams, and ambitions of millions of people around the world.
Job Description Summary: The Technology GRC Analyst will have responsibility for supporting the PayPal Technology & Security Governance, Risk, and Compliance programs as part of the First Line of Defense (FLOD) function for the CTO organization. This position will focus on Technical Technology Controls and work directly with the PayPal Technology Risk Management team in coordinating and executing the design, implementation, maintenance, audit, and lifecycle management of technical controls across the organization. The candidate will support change and rollout of comprehensive programs to internal controls, issue management, as well as compliance obligations (such as SOX and SOC compliance) for the TPX organization. The candidate will ensure appropriate controls are in place, key stakeholders are engaged, and senior leaders are informed, while helping PayPal remain compliant with compliance obligations and avoid events that could adversely impact our business objectives.

The ideal candidate must be, without a doubt, passionate about our customers, partners, stakeholders, and technology. Excellent interpersonal, communication, and leadership skills will be critical for success. Success depends on building rapport and credibility with multiple stakeholders across the organization to organize and drive execution.

Responsibilities:
- Understand and apply the enterprise policies, standards and framework for governance, risk & compliance.
- Support IT controls testing and management program under FLOD capacity of CTO organization in accordance with PCAOB standards.
- Work with different stakeholders and external auditors to maintain up-to-date documentation for scoping, testing and remediation of IT controls.
- Work with different stakeholders and external auditors to obtain and fulfill IT evidence requests as per the timelines committed.
- Validate the key controls with the stakeholders on a periodic basis to provide an early warning to management for timely correction and remediation action.
- Assess audit findings / gaps including control weaknesses in coordination with different stakeholders and assist with development of management action plans.
- Provide control consulting services to control owners and assist in redesigning the efforts that improve/automate the control environment.
- Understand the Enterprise Risk Management standard on how to identify, assess, mitigate, monitor, test and report on risks and controls required by the TPX organization (which includes Technology & Security portfolios).
- Partner with Second Line of Defense (SLOD) team to understand expectations for managing cross-functional risks and dependencies; deploy processes to comply with policy expectations which may require implementation of required controls and on-going monitoring & reporting.
- Develop and present recommendations to management based on risk and compliance impact in a Subject Matter Expertise capacity for multiple risk and compliance initiatives.
- Negotiate appropriate remediation plans for identified issues while maintaining internal and external relationships.
The ideal candidate will:
- Have 5-8+ years of experience in IT/Technology/Information Security Internal Audit, ERM, or consultancy. Experience from Big-4 audit firms is a big plus.
- Utilize a deep understanding of risk management methodologies, frameworks, and principles (e.g. SOX, COBIT, NIST, CSA, ITIL, PCI, GDPR, etc.) to evaluate and recommend the best approach to mitigating risk with best-in-class controls.
- Be able to engage at all levels of the organization to organize, drive and communicate results.
- Operate in a fast-paced environment and be able to handle a number of simultaneous projects and tasks while demonstrating urgency and ownership to drive issues to completion.
- Innovate in the PayPal dynamic workplace by designing repeatable, sustainable processes that operationalize the risk management function.
- Possess strong oral and written communication skills along with refined presentation skills and the ability to work with other departments and varying levels of management, including senior leadership.
- Have strong ability to work with minimum direction and possess a high drive for results.
- Hold a Bachelor’s degree in Computer Science, Engineering, or Information Management Systems.
- Hold relevant certifications, which are highly desired (CISA, CIA, CISM, CISSP, CRISC, etc.).
For more than 20 years, PayPal has remained at the forefront of the digital payment revolution. By leveraging technology to make financial services and commerce more convenient, affordable, and secure, our open digital payments platform gives PayPal’s 400 million active account holders the confidence to connect and transact in new and powerful ways. Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying, or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom, enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.
PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities.