Senior Manager, Apac Tech and Security Oversight

As Sr. Manager, Technology and Information Security Oversight, you’ll have a key role to ensure that PayPal remains trusted, compliant, and innovative.

This role operates at the Second Line of Defense to provide PayPal’s regulated entities in the APAC region with essential oversight to ensure that technology and security risks are managed and business requirements are addressed comprehensively and effectively.

To be successful, this role requires strong leadership skills and close collaboration with regional and global stakeholders, including senior executives, a broad range of teams, regulators, and governance functions.

**Meet our team**
- The International Technology and Information Security Oversight team enables PayPal's regulated entities to deliver secure and reliable products and services by maintaining trust, compliance, and innovation.
- Team ensures that PayPal’s international entities’ technology and information security risks are managed, and business requirements are addressed comprehensively and effectively by the operational (first line of defense) functions.

**Your way to impact**

Your work will be instrumental in strengthening the resilience of PayPal's operations in the APAC region. You'll help ensure that:

- Technology and cybersecurity risks are managed effectively.
- Regional Board and Management receive accurate and timely information to enable informed decisions.
- Innovation, new products, and key business initiatives are enabled to achieve international reach.
- Products and services are built and maintained to reliably and securely serve our customers.
- Regulatory obligations are identified, implemented, and fulfilled consistently and evidently.

**Your day-to-day**

In your day-to-day role you will;
- Execute on the Technology and Information Security Oversight priorities in the APAC region to drive independent oversight and effective challenge of technology and information security.
- Advise business leaders about risk posture and risk priorities including the emerging risks and the organization’s effectiveness in addressing the risk.
- Validate that the controls that detect, prevent and recover from the emergence of IT security related risks are properly designed, implemented, operated, documented, and monitored.
- Collaborate with regional and global stakeholders to address the regulatory inquiries, exams and reporting obligations.
- Lead or participate in global efforts to strengthen the technology and security risk management of the international regulated entities.

**What do you need to bring**

We’re looking for someone with a combination of leadership, technical expertise, and collaborative skills to make a meaningful impact.
- **Proven expertise**:You bring deep technical knowledge and experience in technology and cybersecurity risk management. Independent oversight and/or audit experience in a highly regulated, international setting is a plus.
- **Influential leadership**:You have led teams, worked with executive leadership, presented to boards of directors, engaged with regulators, and collaborated with senior leaders across functions.
- **Versatile communicator**:You can transform complex security or technology concepts into simple, relatable insights, tailored for both technical and non-technical audiences.
- **Collaborator and Empowerer**:You are a critical thinker who builds trusted relationships, facilitates collaboration, and drives outcomes by inspiring teams and stakeholders to achieve the highest standards.
- **Strategic leader**:With strong program management skills, you can prioritize what matters the most, manage across multiple mandates, and deliver results that align with business priorities.
- **Global mindset**:You are comfortable working with geographically diverse teams and across time zones.
- **Regulatory expertise**:You have a strong understanding of regulatory frameworks in the APAC region.
- **Professional credentials**such as CISSP, CISM, CRISC, CISA, and knowledge of frameworks such as COBIT, NIST CSF, PCI DSS, and ISO27001 is a plus.