Mts1, Information Security Engineer

At PayPal (NASDAQ: PYPL), we believe that every person has the right to participate fully in the global economy. Our mission is to democratize financial services to ensure that everyone, regardless of background or economic standing, has access to affordable, convenient, and secure products and services to take control of their financial lives.

**Job Description**:
**This role will specifically focus on Cloud Security professionals who has strong foundational knowledge and experience on CyberSecurity**

**Essential functions**

Working daily on security review requests by responding to queries from technical engineering and architects, product owners, operations, business units and development teams
- Participate in the design of technical solutions and implementation methods providing security guidance and ensuring inclusion of security controls
- Analyze security related incidents and provide guidance on contributing control gaps and advise on plausible technical security control solutions
- Participate in the design and deployment of security controls and alignment of controls with business requirements
- Provide security policy and procedure guidance on review requests
- Provide approval/confirmation that activities, products, or deployments are aligned with Information Security policies and procedures
- Analyze risk and propose mitigating controls
- Review peer queries for final disposition
- Escalate to management where exception to policy is requested/required
- Enabling business without compromise on security posture of the organization

Review peer and subordinate consulting engagements prior to ECS approval
- Ensure consistency and accuracy across the team
- Ensure gaps/findings/risks are identified and adjudicate risk
- Validate compensation controls are called out and understood by requestors
- Understand and advocate strategy and vision for the team
- Work across team disciplines building knowledge and improving each discipline

Participate in consulting process efficiency and improvement through
- Engineering and implementing automation
- Identify and suggesting technologies, products, and process for peer teams
- Work with the technology owners to identify patterns that can be approved without ECS review

Represent Enterprise Cyber Security (ECS) in various councils, forums and Guilds

**Knowlege**

Required:

- 3-5 years of cloud security experience
- INFOSEC Certified Cloud Security Professional (CCSP)
- Experience working in a ticketing system environment
- Experience working in at least one of the three platforms Azure, AWS, GCP
- Bachelor’s degree or equivalent industry experience.
- Technology Cloud security practitioner or equivalent

Desirable
- Understanding of SOX 404, PCI, FFEIC, GLBA, OFAC, the Patriot Act, and other regulatory requirements for the financial services sector.
- Good understanding of information security and risk management frameworks such as OWASP and ISO27001.
- Google Professional Cloud Security Engineer
- Microsoft Certified: Azure Security Engineer Associate
- AWS Certified Security - Specialty

**Skills**
- In-depth understanding of the following cybersecurity areas with expertise in two or more areas along with very detailed cloud security knowledge and experience. Ability to provide consultation on technical design, deployment, and operations in the area
- o Security Architecture
- o Application Security
- o Network security
- o Data Security
- o Cryptography
- In-depth understanding of security standards, controls, and best practices
- Knowledge of software development, network engineering, cloud engineering
- Familiarity on working in a ticketing system to handle daily task, documenting the findings / decisions, generate reports / dashboards would be preferred
- Suggest and implement new ideas to optimize and continuous focus on improving quality and processes

**Behavioural**
- Self-Awareness - Insightful, reflective, understands personal strengths and weaknesses, seeks feedback.
- Learns from experience; cool and resilient through change; treat others constructively and always with respect
- Mental Agility - Think through problems from a fresh point of view, comfortable with ambiguity & complexity
- Sees through customer eyes and brings in ideas to improve our products and services
- Technical research of solutions capabilities and verification of technical options, problem solver
- Get results under tough conditions; inspire others to go beyond the norm; exhibit presence that builds confidence
- Experience building and maintaining constructive working relationships with a diverse community (in and outside of technology); ability to effectively communicate (both written and verbal) with and influence both technical and non-technical audiences.
- Demonstrated experience earning the trust and respect of colleagues both in and outside of the Information Security team.
- Unquestionable integrity.

Our Benefits:
At PayPal, we’re committed to building an