Head of InfoSec - Hyperwallet

Paypal

Full time

Vancouver, BC, Canada

Oct 23

Senior Manager of Information Security and Compliance

Information Security at HyperWallet

In this role, you lead the Information Security program at HyperWallet.  This position is a technical managerial position, in which the ideal candidate will be able to function from not only a people, process, and planning perspective but also be a key contributor to security architecture and technology decisions.  This role will also hold the responsibility of being the key leader for information security related projects and compliance decisions for HyperWallet.  As the manager of Information Security, you will be looked to as a leader in defining, communicating, planning, and executing on all company and business unit goals in the security and compliance space. You will report directly to the head of PayPal Business Unit security and be a representative to other business units as a subject matter expert on all things relating to information security at HyperWallet.

Responsibilities

  • Drive application and network security activities for all facets of HyperWallet
  • Manage a team of highly skilled security and platform engineers in a devops model
  • Collaborate with multiple security teams within PayPal to provide seamless support to securely enable business functions
  • Influence HyperWallet peers and leaders with the goal of creating and maturing security programs that are aligned with broader PayPal technologies and processes.
  • Evaluate, design, deploy, support, and monitor information security systems
  • Identify security exposures and develop mitigation plans
  • Build and execute on project roadmaps
  • Work with the technical operations team to implement information security solutions
  • Plan and run security awareness exercises and teach secure behavior and methods
  • Lead and manage security incident response activities and forensic investigations
  • Lead the implementation of best-practice security procedures, standards, and guidelines
  • Support HyperWallet in developing and maturing the application security program
  • Be the HyperWallet representative for compliance activities such as external audits from customers, regulatory compliance projects, and overall information security reviews
  • Engage in cross business unit Security teams as the lead representative for HyperWallet

Requirements

  • Minimum 8 years of on the job information security experience
  • Minimum 5 years managing technical teams
  • Experience working with and managing application security programs in an agile environment
  • Demonstrated ability to influence peers and senior leaders and communicate complex problems and solutions to a global workforce
  • Experience securing GCP environments
  • Bachelor’s degree in Computer Science/Engineering/Information Security or equivalent work experience
  • CISSP, CISM, CISA, Security+ or comparable Information Security Assurance certification
  • Experience with financial industry security governance, including PCI DSS, SOC2 and state regulations
  • Self-starter, able to work with a mix of technical and non-technical clients
  • Strong documentation skills are a must
  • Ability to perform technical risk assessments, triage security-testing results and manage security response actions.
  • Ability to manage a team of engineers to drive completion of projects and initiatives
  • Demonstrable expertise in:
  • Linux / Windows / workstation / mobile device security hardening
  • Understanding Cloud Security best practices
  • External Regulatory compliance efforts, specifically PCI DSS
  • Secure Development Lifecycle practices and methods
  • Technical monitoring, troubleshooting, impact determination, and problem solving
  • Vulnerability and penetration testing
  • Experience researching, implementing and administration of security infrastructure
  • Application vulnerability and Web Application protection solutions
  • Cloud based IaaS/PaaS knowledge and understanding (AWS/Azure/GCP)
  • Intrusion protection, firewalls, and SIEM tools
  • File integrity monitoring, data loss prevention, and network access control
  • Event log aggregation and analysis

We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don't hesitate to apply.

Apply for this position

Apply

Your application has been successfully submitted.

Please fix the errors below and resubmit.

Something went wrong. Please try again later or contact us.

Personal information

Profile

Details