PayPal

Manager, Cybersecurity Risk

PayPal

full-time

Posted on:

Location Type: Hybrid

Location: Scottsdale • Arizona, Illinois • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $100,500 - $173,250 per year

Job Level

SeniorLead

Tech Stack

Cyber Security

About the role

  • Lead oversight efforts for Third Party Technology and Security practices across the enterprise
  • Establish and maintain a comprehensive oversight framework for third-party relationships and vendor risk management activities
  • Partner across teams and key stakeholders to drive security risk and governance initiatives and lead complex projects/programs
  • Identify and address complex security risks; recommend best practices and new approaches aligned with business priorities
  • Provide independent second-line oversight across the third-party lifecycle: planning, due diligence, contracting, onboarding, monitoring, change management, and exit
  • Review and challenge technology/security due diligence activities, vendor risk tiering/criticality, concentration and fourth‑party/chain risk determinations
  • Validate KRIs/KPIs and continuous-monitoring approaches; synthesize monthly/quarterly trends and themes
  • Lead targeted deep-dive and thematic reviews of high-risk or material vendors; document risk statements, opinions, and recommendations
  • Validate issue remediation and risk acceptances; escalate where residual risk exceeds appetite and track closure to completion
  • Prepare committee-ready reporting and dashboards; brief senior technology, security, and risk leaders on posture and emerging risks
  • Contribute to annual risk and maturity assessments, and policy/standard maintenance for third-party technology and security
  • Provide consultative guidance to first-line stakeholders while preserving independence and mentor team members

Requirements

  • 5+ years relevant experience and a Bachelor’s degree OR Any equivalent combination of education and experience
  • Minimum: 7+ years in technology risk, cybersecurity, or IT audit
  • 4+ years directly focused on third‑party/vendor risk
  • Degree in a relevant discipline (cybersecurity, business, engineering, risk management, or computer science)
  • Advanced knowledge of third-party risk assessment frameworks, including Shared Assessments SIG, ISO 27001/27002, SOC 2 Type II
  • Demonstrated experience with vendor technology and security due diligence, criticality segmentation, and exit‑strategy planning
  • Experience with continuous attack-surface monitoring tools, vendor security rating platforms, and automated evidence collection for third-party attestation tracking
  • Knowledge of supply chain attacks, fourth‑party/chain risk, AI/ML vendor risks, vendor cybersecurity threats and vulnerabilities
  • Familiarity with industry control frameworks (NIST Cybersecurity Framework, ISO 27000 series) and global data privacy/security regulations
  • Strong analytical, consultative, investigative, adjudicative, and influencing skills
  • Exceptional verbal and written communication and analysis skills, including developing high-quality written analysis, strategy, or standards documents
  • Unquestionable professional and ethical integrity
  • Ability to learn quickly, prioritize work, and manage complex deliverables under deadlines
Benefits
  • Annual performance bonus (or other incentive compensation, as applicable)
  • Equity
  • Medical, dental, and vision benefits
  • Health and life insurance
  • Employee share options
  • Flexible work environment
  • Balanced hybrid work model: 3 days in the office, 2 days at your choice of either the PayPal office or your home workspace
  • Benefits to support financial, physical, and mental health

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
third-party risk assessmentcybersecurityIT auditvendor risk managementrisk assessment frameworkscontinuous attack-surface monitoringvendor security rating platformsautomated evidence collectiondata privacy regulationsNIST Cybersecurity Framework
Soft skills
analytical skillsconsultative skillsinvestigative skillsadjudicative skillsinfluencing skillsverbal communicationwritten communicationstrategic thinkingintegritytime management
Boeing

Principal Architect – Cloud, Development, Security and Operations

Boeing
Leadfull-time$166k–$240k / yearArizona, California, Montana, Pennsylvania, South Carolina, Texas, Washington · 🇺🇸 United States
Posted: 3 hours agoSource: boeing.wd1.myworkdayjobs.com
AnsibleAWSAzureCloudDockerGoogle Cloud PlatformKubernetes