Job Description Summary:
PayPal is committed to democratizing financial services for the global citizens. We are looking for a high-energy, passionate, and self-driven Cybersecurity Risk Engineer, to build and deliver capabilities and services to continuous assess our threat models and analyze impacts of the rapidly evolving global landscape. The Cybersecurity Risk Engineer will maintain the library of technical and operational risk models and will have responsibilities to partner and collaborate across multi-functional teams to gain deep insight into our dynamic environments and evolving security capabilities. Participate in strategic initiatives and influence business priorities through awareness and advocacy of trending cybersecurity threats and events.
If you are passionate about applied technical cybersecurity, and assessing & analyzing for threats to determine operational and technical risks, then come and join our ECS team by applying for this role.
Be a technical thought leader as part of PayPal’s Enterprise Cyber Security team. Bring security expertise and a cloud-first mindset to a challenging and dynamic environment.
Research and Analyze Threats & Impacts
- Develop technical hands-on knowledge and experience of PayPal’s global infrastructure and capabilities, and gain deep understanding of the company’s capabilities.
- Partner with cross-functional team leads to gain awareness of evolving business and technical threat landscape, including strategic business roadmaps and external industry events & campaigns.
- Develop and maintain technical and operational risk framework to analyze for threats and impacts based on classes of threat actors and capabilities, our defensive capabilities, and our operational business models.
- Perform and apply quantitative analysis against various threat scenarios to develop and prioritized unanticipated impacts against PayPal.
Technical Writing, Communicate and Influence
- Own and maintain the library of threat models with detailed business impact analysis.
- Publish prioritized technical & operational risk models that will be consumed by the stakeholders from variety of business and technical acumens.
- Maintain in-depth and detailed attack surface analysis and effectiveness of defensive capabilities.
- Leverage data to influence the business – demonstrate and highlight high risks areas and decisions.
Impact on the Business
- Influence business priorities and organizational decisions through operational cadences to provide awareness and education of impending and changing threats and impacts.
- Collaborate across multilayer stakeholders from engineers to business leaders.
- Responsible for defining metrics to measure success and performance.