Job Description :
Candidate must be local to San Francisco or able to do onsite interview with
2 days'' notice.
Contract through end of the 2017 with PayPal
MUST BE US CITIZEN OR GC HOLDER WHO CAN WORK ON OUR W2.
Notes directly from hiring manager:
Someone with Information Security Compliance with technical understanding
(PCI DSS/SOX/ISO 27001)
This person will be working with Internal groups to make sure the Security
compliance/controls are in place, If not, they needs to be documented
Understanding of Change management controls/Access controls, etc.
This person has to be on-site in SF
Candidate must be on-time/will show interest in the job and must have
strong communication
Primary Job Responsibilities
We are looking for a highly talented Information Technology Compliance
Professional to assist PayPal with meeting US and international public and
private regulatory requirements. This person will perform the following
functions:
Work with internal and external auditors and regulators to evaluate
compliance with external and internal policies, standards and regulatory
requirements.
Analyze regulatory developments and recommend integration into the
organization''s policies and standards.
Interpret requirements to ensure appropriate definition of controls.
Evaluate the design and effectiveness of technology controls throughout
the business cycle, and identify opportunities for more efficient and
effective controls
Monitor and perform controls testing, issue management, findings
remediation, and assist in correcting deficiencies.
Lead the innovation and continuous improvement of IT internal control
framework, including the integration of multiple compliance requirements.
Communicate controls, policies, standards, and compliance requirements to
business and IT staff.
Provide periodic compliance status reporting to multiple stakeholders
within the organization.
Basic Qualifications
Ability to track and execute numerous parallel activities, work
efficiently and independently with some supervision (i.e., self-motivated
and willing to stretch to meet important deadlines)
Work in a fast-paced, dynamic environment, embrace change, build and
maintain constructive working relationships with a diverse community (in and
outside of technology)
Effectively communicate in both written and verbal manner to influence
both technical and non-technical audiences
Passion for technology, information security, and how PayPal protects
customer information
Does not take a check the box mentality to security
Bachelor''s degree required, graduate degree a plus
Minimum of 3+ years of information security, risk management and controls
testing/monitoring experience
Experience conducting audits in accordance with the Sarbanes Oxley Act
(SOX), SSAE16, AT101, PCI-DSS or any other regulatory obligations or
industry standards
Understanding of information security and risk management frameworks such
as COBIT, ISO17799/2700x, NIST, FIPS or COSO.
Industry certifications in the areas of Information Security/Systems are
preferred - CISSP, CISA, CISM, CGEIT, ISA/QSA
Technology background with familiarity in at least two of the following:
distributed systems (Linux, Solaris, Windows), databases, networks (LAN/WAN
technologies, firewalls, routers, load-balancers, web development, mobile.
etc.
Working knowledge of the financial industry and the lifecycle of payment
card transactions.