PPEU ICT Risk & Resilience Manager

PayPal · Fintech · Luxembourg, Luxembourg District, LU · Cybersecurity Risk

This role is a Manager for ICT Risk & Resilience within PayPal Europe, focusing on compliance with the EU Digital Operational Resilience Act (DORA) and other European regulatory frameworks. The position involves ensuring digital operational resilience, cyber risk management, and regulatory compliance are integrated into business strategy and operations. Responsibilities include monitoring, assessing, and reporting ICT and cyber-related changes, supporting cyber resilience controls, contributing to incident management and regulatory reporting, and supporting senior management reporting and assurance activities. The role requires expertise in security governance, risk assessment, and mitigation strategies within a regulated environment.

What you'd actually do

  1. Leverage specialized security governance and risk expertise to identify and address complex security risks, recommending best practices and determining new approaches that have an impact on broader security operations, while aligning strategies with business priorities.
  2. Partner across teams and key stakeholders to drive security risk and governance initiatives, leading and solutioning complex projects and programs to strengthen overall security posture.
  3. Apply advanced analytical skills and sound judgment to assess and mitigate security risks, considering diverse perspectives and innovative solutions. Stay informed on industry trends and the regulatory landscape while evaluating their security implications within the context of PayPal’s governance framework.
  4. Directly contribute to improvements within the security domain and occasionally beyond, ensuring decisions lead to meaningful enhancements in risk mitigation strategies and overall security practices.
  5. Leverage relationships across teams, both within and outside of security, to influence initiatives and integrate feedback into security governance processes and risk management practices.

Skills

Required

  • Security governance
  • Risk management
  • Regulatory compliance
  • DORA
  • ICT risk
  • Business continuity
  • Disaster recovery
  • Cyber resilience
  • Incident management
  • Risk assessment
  • Mitigation strategies
  • Analytical skills
  • Stakeholder management
  • Leadership
  • Mentorship

Nice to have

  • First Line of Defense experience
  • European regulatory frameworks
  • Luxembourg

What the JD emphasized

  • EU Digital Operational Resilience Act (DORA)
  • European regulatory frameworks
  • regulated entity obligations
  • regulatory compliance
  • cyber resilience controls
  • cyber incident management
  • regulatory reporting
  • supervisory expectations
  • resilience scenario testing