Cybersecurity Analyst – Governance, Risk and Compliance
Coca-Cola Canada Bottling Limited
Cyber Security
Manager, Cybersecurity Risk
PayPal
full-time
Posted on:
Origin: • 🇺🇸 United States • Arizona, Illinois
Visit company websiteSalary
💰 $100,500 - $173,250 per year
Job Level
SeniorLead
Tech Stack
Cyber SecurityJenkins
About the role
- Lead oversight efforts focused on application and infrastructure vulnerabilities
- Develop a comprehensive oversight framework for application and vulnerability management activities
- Leverage specialized security governance and risk expertise to identify and address complex security risks, recommending best practices
- Partner across teams and key stakeholders to drive security risk and governance initiatives and lead complex projects and programs
- Apply advanced analytical skills and sound judgment to assess and mitigate security risks
- Stay informed on industry trends and regulatory landscape and evaluate security implications within PayPal’s governance framework
- Contribute to improvements within the security domain and ensure decisions enhance risk mitigation strategies and security practices
- Leverage relationships across teams to influence initiatives and integrate feedback into security governance and risk management
- Develop and articulate clear plans and priorities for the team and provide mentorship to achieve security risk and governance objectives
Requirements
- Minimum of 8 years of relevant work experience
- Bachelor's degree or equivalent experience
- Familiarity with risk management frameworks with an emphasis on NIST CSF and SP800-53 (preferred)
- Experience across multiple modern software development frameworks (e.g., Agile, DevOps, CI/CD)
- Familiarity with code management/repository tools (e.g., Git, GitHub, Jenkins)
- Knowledge of current and emerging information technologies (e.g., AI / ML)
- Knowledge of cybersecurity threats and vulnerabilities
- Knowledge of risk management processes and practices
- Knowledge of industry standard control frameworks and best practices (e.g., NIST, ISO)
- Knowledge of prominent cybersecurity and privacy regulations globally
- Strong work ethic; ability to learn quickly, prioritize work, and manage complex deliverables to completion under deadlines
- Superb consultative, adjudicative, investigative, and influencing skills
- Business acumen, stakeholder empathy, and conflict resolution skills
- Comfort working in a dynamic, global, fluid, and matrix working environment
- Exceptional verbal and written communication and analysis skills; experience developing high-quality written analysis, strategy, or standards documents
- Unquestionable professional and ethical integrity; experience with sensitive, privileged, or confidential projects
- Ability to approach and understand problems from a statistical or quantitative perspective
- Industry certifications preferred: CISSP, CISA, CISM, CRISC
