Security Compliance Assurance Analyst

Paypal Scottsdale , AZ 85250

Posted 2 months ago

Job Description: Fueled by a fundamental belief that having access to financial services creates opportunity, PayPal (NASDAQ: PYPL) is committed to democratizing financial services and empowering people and businesses to join and thrive in the global economy. Our open digital payments platform gives PayPal's 254 million active account holders the confidence to connect and transact in new and powerful ways, whether they are online, on a mobile device, in an app, or in person. Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.

PayPal is looking for new members of a team responsible for managing, implementing and maintaining the Cybersecurity Compliance Monitor program within PayPal Holdings, Inc.This team ensures the effectiveness of information security and IT controls by working with control owners to design and test controls to meet PayPal standards and regulatory requirements. The candidate will partner with IT technical staff, as well as internal risk and compliance teams. The team is responsible for providing a range of support activities that enables and ensure the organization can meet and demonstrate compliance with security standards and regulatory requirements.Areas of focus include information security, computer operations, systems development and application controls. Governance Risk and Compliance (GRC) activities include providing oversight and managing the ongoing execution of key controls. Activities will implement/leverage GRC tools for on-boarding and automating more quantitative scoring of control effectiveness/maturity and corresponding risk reduction. Additionally, activities include the assessing, tracking and reporting of control deficiencies and remediation activities.

PayPal (NASDAQ: PYPL) is committed to democratizing financial services and empowering people and businesses to join and thrive in the global economy. Our open digital payments platform gives PayPal's 210 million active account holders the confidence to connect and transact in new and powerful ways, whether they are online, on a mobile device, in an app, or in person.

Through a combination of technological innovation and strategic partnerships, PayPal creates better ways to manage and move money, and offers choice and flexibility when sending payments, paying or getting paid. Available in more than 200 markets around the world, the PayPal platform, including Braintree, Venmo and Xoom enables consumers and merchants to receive money in more than 100 currencies, withdraw funds in 56 currencies and hold balances in their PayPal accounts in 25 currencies.

PayPal is looking for new members of a team responsible for managing, implementing and maintaining the Cybersecurity Compliance Monitor program within PayPal Holdings, Inc.

This team ensures the effectiveness of information security and IT controls by working with control owners to design and test controls to meet PayPal standards and regulatory requirements. The candidate will partner with IT technical staff, as well as internal risk and compliance teams. The team is responsible for providing a range of support activities that enables and ensure the organization can meet and demonstrate compliance with security standards and regulatory requirements.

Areas of focus include information security, computer operations, systems development and application controls. Governance Risk and Compliance (GRC) activities include providing oversight and managing the ongoing execution of key controls. Activities will implement/leverage GRC tools for on-boarding and automating more quantitative scoring of control effectiveness/maturity and corresponding risk reduction. Additionally, activities include the assessing, tracking and reporting of control deficiencies and remediation activities.

Responsibilities

  • Interpret PayPal standards, regulatory and business requirements into technical specification documents and IT/security controls.

  • Supporting, facilitating and coordinating internal, external audits and regulatory examination support on behalf of Information Security.

  • Participate in developing and maintaining the overall Governance Risk and Compliance (GRC) management process and strategy.

  • Work in collaboration with corporate compliance, risk management and various technical teams in the design and implementation of control self-assessments, risk assessments and regulatory compliance practices for Information Security.

  • Create, document, and implement control test plans, scripts, and procedures.

  • Investigate, analyze and document reported control defects.

  • Partner with Issues Management, Standards and Compliance teams to develop effective process for monitoring, reporting and escalating compliance related issues and exceptions.

  • Work with cross-functional teams in performing reviews and tests of IT internal controls to ensure teams are operating adequate controls.

  • Partner with Security Awareness teams to proactively promote enhanced security controls and training across IT and business units.

  • Create, monitor data points into the IT risk management activities, including quarterly dashboards, metrics, and reporting (e.g., GRC tool dashboards).

  • Directs IT functional teams in the development, implementation, monitoring and reporting of control processes, documentation and compliance routines.

  • Advises IT and business executives on the status of security findings, technology risks and compliance issues based on assessment results and information from various discovery sources, monitoring and control systems.

  • Develop automated process to document and score IT/Security control effectiveness based on maturity level and map to corresponding residual risk scores.

Job Requirements

  • 2+ years of experience in identification of risk and compliance.

  • Broad security knowledge across common industry security standards (e.g., ISO, NIST, COSO, COBIT, PCI, FFIEC, SOX, SSAE16, and others).

  • Possess either of the following certifications: CISSP, CISA, CISM, or GIAC.

  • Technical knowledge of security technologies and architecture in multiple security domains (such as infrastructure hardening, privileged access, data security, endpoint security, anti-malware, network security, application security and others).

  • 2+ years of experience in developing security standards and implementing technical controls to meet standards and regulatory requirements.

  • 1+ years of experience implementing and managing GRC technologies (e.g., Archer, ServiceNow) used for risk and compliance processes.

  • Advanced MS Office skills: Word, PowerPoint, Excel & Database

  • Excellent writing and verbal communication skills, interpersonal and presentation skills and the proven ability to influence and communicate effectively.

  • Bachelor's degree from an accredited college (Information Technology, Information Assurance, Cyber Security or related disciplines preferred)

We are a purpose-driven company whose beliefs are the foundation for how we conduct business every day. We hold ourselves to our One Team Behaviors which demand that we hold ourselves to the highest ethical standards, to empower an open and diverse workplace, and strive to treat everyone who is touched by our business with dignity and respect. Our employees challenge the status quo, ask questions, and find solutions. We want to break down barriers to financial empowerment. Join us as we change the way the world defines financial freedom.

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities.

We're a purpose-driven company whose beliefs are the foundation for how we conduct business every day. We hold ourselves to our One Team Behaviors which demand that we hold the highest ethical standards, to empower an open and diverse workplace, and strive to treat everyone who is touched by our business with dignity and respect. Our employees challenge the status quo, ask questions, and find solutions. We want to break down barriers to financial empowerment. Join us as we change the way the world defines financial freedom.

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities.

R0038326


See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Sr Information Security Analyst (Cyberark PAM / Azure Security And Pim)

Mckesson Corporation

Posted 4 days ago

VIEW JOBS 11/11/2018 12:00:00 AM 2019-02-09T00:00 McKesson is in the business of better health and we touch the lives of patients in virtually every aspect of healthcare. We partner with payors, hospitals, physician offices, pharmacies, pharmaceutical companies and others across the spectrum of care to build healthier organizations that deliver better care to patients in every setting. We believe in the importance of strong, vital organizations because we know that patients can only be healthy when our system is healthy. Every single McKesson employee contributes to our mission—by joining McKesson you act as a catalyst in a chain of events that helps millions of people all over the globe. Talented, compassionate people are the future of our company—and of healthcare. At McKesson, you'll collaborate on the products and solutions that help us carry out our mission to improve lives and advance healthcare. Working here is your opportunity to shape an industry that's vital to us all. We understand the importance of a system that works together. Your expertise, drive and passion can help us improve everything we touch, from providers to payors to pharmacies. Join our team of leaders to begin a rewarding career. Wherever you contribute here at McKesson, you will have the ability to make a real impact in the lives of others. Current Need Sr. Information Security Analyst Responsibilities * Provision/ De Provision User Access Across Multiple platforms: Windows /Unix/AS400/Oracle * CyberArk PAM Suite including but not limited to provisioning for; Secure Document Vault (Secure repository and sharing infrastructure), Enterprise Password Vault (Privileged Accounts at OS and DB levels), Application Identity Manager (App2App credentials and encryption keys), Privileged Session Manager (Control and monitor privileged accesses) * Coordinate system and application configuration and management tasks * Coordinate integration services, product updates, change requests and Tier-3 support * Provide timely response to address server and client-server application performance and/or availability issues * Lead, coordinate and participate in process improvements as they relate to IDM infrastructure and system * In conjunction with business and department priorities and directives, conduct vendor and product research on software and systems products to address business needs * Tier 3 support for all service desks using NAMCK VPN * RSA – server / application support / provisioning * Privileged User Access Review Minimum Requirements: * 4 years' experience in administering security controls in an organization Critical Skills: * 2 RSA Server Support, RSA VPN & RSA Token * 2 years in Information Security or Compliance related services, IT audit, Internal Audit and/or Risk Management Experience. * 2 years working with Windows AD, add/create/modify/ accounts, working with GPO. * 2 years' experience creating and presenting virtual meetings with customers to provide services and support. * Required to understand the business and technical requirements, develop the associated content and documentation. * Experience with any combination of the following: Windows. Unix, AS400, Oracle, Tandem, Mainframe * MS Office Suite Additional Knowledge & Skills: * MS PowerShell use and knowledge * SBR or wireless authentication experience * EPM or similar Endpoint security protection tools * CyberArk PAM suite * Azure Security and PIM * Excellent problem-solving and technical skills * Detail-oriented, self-motivated and disciplined, with excellent time management skills Education: * 4-year degree in computer science or related field or equivalent experience Physical Requirements General Office Demands Benefits & Company Statement McKesson believes superior performance – individual and team – that helps us drive innovations and solutions to promote better health should be recognized and rewarded. We provide a competitive compensation program to attract, retain and motivate a high-performance workforce, and it's flexible enough to meet the different needs of our diverse employee population. We are in the business of better health and we touch the lives of patients in virtually every aspect of healthcare. We partner with payers, hospitals, physician offices, pharmacies, pharmaceutical companies and others across the spectrum of care to build healthier organizations that deliver better care to patients in every setting. But we can't do it without you. Every single McKesson employee contributes to our mission—whatever your title, whatever your role, you act as a catalyst in a chain of events that helps millions of people all over the globe. Talented, compassionate people are the future of our company—and of healthcare. At McKesson, you'll collaborate on the products and solutions that help us carry out our mission to improve lives and advance healthcare. Working here is your opportunity to shape an industry that's vital to us all. McKesson is an equal opportunity and affirmative action employer – minorities/females/veterans/persons with disabilities. Qualified applicants will not be disqualified from consideration for employment based upon criminal history. Agency Statement No agencies please. Mckesson Corporation Scottsdale AZ

Security Compliance Assurance Analyst

Paypal