דרושים Risk Compliance Oversight ב-Paypal ב-Mexico, Mexico City

Essential Responsibilities:

• Facilitate the onboarding process for new vendors, ensuring compliance with procurement policies and third-party risk management protocols.
• Create, review, and process purchase orders for goods and services, ensuring accuracy and adherence to financial controls.
• Track and monitor procurement activities to ensure timely delivery of goods and services, and resolve any issues that arise.
• Reconcile supplier invoices with purchase orders and delivery receipts, ensuring accurate and timely payment.
• Maintain positive relationships with suppliers, addressing any concerns or issues promptly to foster long-term partnerships.
• Implement cost control measures to manage organizational spend effectively and identify opportunities for cost savings.
• Ensure all procurement activities comply with company policies, financial controls, and regulatory requirements.
• Analyze procurement data to identify trends, generate reports, and provide insights for process improvements.
• Collaborate with cross-functional teams to optimize P2P processes, enhancing efficiency and effectiveness.
• Assist in internal and external audits by providing necessary documentation and information related to procurement activities.

Expected Qualifications:

• 1+ years relevant experience and a Bachelor’s degree OR Any equivalent combination of education and experience.

• Perform third party risk assessments within the end-to-end onboarding process.
• Review internal inherent risk questionnaire results to determine risk tier.
• Responsible for maintaining accurate risk record of vendors (holistic view) in the TPM tool based on their assessments.
• Work cross-functionally across stakeholder teams, including sourcing, vendor master registration, PO and invoicing, legal contracting, and business unit managers.
• Consult with Control Partners and the Third Party Oversight Second Line of Defense.
• Review external questionnaires and supporting evidence that risks identified are mitigated through proper controls. Generate observations for risk issues and remediation.
• Identify issues from the assessments and support the functional area in validating remediation efforts.
• Ensure compliance with policy and regulatory requirements throughout the third-party lifecycle.
• Understand the role of third-party risk management within the overall procurement and onboarding process.

Belonging at PayPal:

Any general requests for consideration of your skills, please

Essential Responsibilities:

• Utilize advanced analytical techniques to assess complex information sets, enabling the formulation of logical and well-supported recommendations for reporting to global regulatory bodies and internal stakeholders. These investigative decisions are essential to fulfilling PayPal’s fiduciary responsibilities under international regulations, which mandate effective monitoring of customer activities to detect and report suspicious activities, including money laundering and terrorist financing.
• Conduct comprehensive end-to-end reviews of potential illegal or suspicious activities, ensuring thoroughness and accuracy in all investigations.
• Perform timely and detailed analyses of instances of potential Anti-Money Laundering (AML) activities and suspicious financial transactions across diverse jurisdictions and countries, adhering to local and international compliance standards.
• Evaluate customer profiles and analyze large datasets to confirm that activities align with expected norms, ensuring compliance with Acceptable Use Policies and Know Your Customer (KYC) regulations.
• Leverage both internal data and various open-source research platforms to investigate potentially illicit activities, thereby supporting informed investigative decisions
• Document findings in a narrative format within both manual and automated case management systems and prepare comprehensive reports for management as required.
• Consistently exercise sound judgment in making decisions and recommendations related to case investigations, ensuring alignment with global best practices and regulatory requirements.

Minimum Qualifications:

• Minimum of 2 years of relevant work experience and a Bachelor's degree or equivalent experience.

Our Benefits:

Any general requests for consideration of your skills, please

Essential Responsibilities:

• Facilitate the onboarding process for new vendors, ensuring compliance with procurement policies and third-party risk management protocols.
• Create, review, and process purchase orders for goods and services, ensuring accuracy and adherence to financial controls.
• Track and monitor procurement activities to ensure timely delivery of goods and services, and resolve any issues that arise.
• Reconcile supplier invoices with purchase orders and delivery receipts, ensuring accurate and timely payment.
• Maintain positive relationships with suppliers, addressing any concerns or issues promptly to foster long-term partnerships.
• Implement cost control measures to manage organizational spend effectively and identify opportunities for cost savings.
• Ensure all procurement activities comply with company policies, financial controls, and regulatory requirements.
• Analyze procurement data to identify trends, generate reports, and provide insights for process improvements.
• Collaborate with cross-functional teams to optimize P2P processes, enhancing efficiency and effectiveness.
• Assist in internal and external audits by providing necessary documentation and information related to procurement activities.

Minimum Qualifications:

• Minimum of 2 years of relevant work experience and a Bachelor's degree or equivalent experience.

Preferred Qualification:

• 2+ years of third-party risk or related controls management experience
• GRC and/or risk platforms (Ariba, Certa Interos) a plus
• Demonstrated leadership and project management experience
• Excellent analytical, problem solving and decision-making ability
• Must navigate gray areas, multitask, and manage competing priorities under demanding deadlines
• Verbal, written, presentation (PowerPoint), and interpersonal communications skills
• Relentless customer focus
• Excellent interpersonal skills. Ability to work across the organization and interact and influence effectively at all levels of management and peers through communication and listening
• PayPal culture carrier, a source of energy and inspiration
• Comfortable working both independently and collaboratively in a global team setting

Our Benefits:

Any general requests for consideration of your skills, please

Essential Responsibilities:

• Provide expert advice and strategic counsel to senior executives, shaping the development of multi-year risk management and security governance strategies that align with business goals and long-term organizational objectives.
• Determine the most effective methods and strategies for addressing complex security risks, driving innovation through collaboration with cross-functional teams to shape the organization’s security risk management and governance landscape.
• Identify and resolve unique, high-impact security risks, applying deep expertise to situations of substantial significance, and develop innovative solutions that influence and strengthen the organization’s security framework.
• Drive the future risk management and security governance roadmap, shaping the security vision that supports business growth and mitigates risk to provide a competitive advantage.
• Lead the development and execution of key components of the multi-year security strategy, contributing to the broader security agenda within the organization.
• Inspire and motivate team(s) to pursue innovative solutions, ensuring alignment with the overall security strategy and business objectives, while fostering a culture of excellence and continuous improvement.

Minimum Qualifications:

• Minimum of 15 years of relevant work experience and a Bachelor's degree or equivalent experience.

Strategic Alignment & Governance

• Ensure the alignment of global cybersecurity strategies, frameworks, and policies with local and regional regulatory requirements, particularly in high-regulation environments such as LATAM.
• Bridge global objectives with in-country execution by enabling the adoption of enterprise-wide programs within local regulatory and operational constraints.
• Advise senior executives and board-level stakeholders on cyber governance maturity and alignment with business strategy.

Operational Security Leadership

• Act as the designated Information Security Officer for regulated financial entities, fulfilling local legal and supervisory expectations.
• Serve as the Entity Service Owner for intra-group technology services, with oversight of service level adherence, security control effectiveness, and compliance at the point of delivery.

Cyber Resilience Program Leadership

• Lead the design, execution, and continuous evolution of cyber resilience programs, ensuring robust preparedness through business impact analyses, recovery strategies, and end-to-end testing.
• Deliver tangible evidence of operational readiness, integrated with IT disaster recovery, business continuity, and third-party resilience plans.
• Ensure alignment with global resilience standards and evolving regulatory expectations, including regional LATAM frameworks.

Regulatory Compliance & Readiness

• Maintain an authoritative inventory of cybersecurity regulatory obligations across LATAM and global markets.
• Proactively ensure that controls are designed, implemented, and tested to meet external audit and supervisory examination standards.
• Partner with Legal, Compliance, and Risk teams to anticipate regulatory changes and adjust cybersecurity posture accordingly.

Cyber Risk Management & Control Operation

• Operate and continuously improve first-line cybersecurity controls across infrastructure, applications, and third-party services.
• Monitor control effectiveness, identify risks and control deficiencies, and lead remediation planning in coordination with second and third lines of defense.
• Represent cybersecurity in key governance forums, including entity-level risk committees, IT steering groups, and audit/regulatory readiness sessions.

Incident Preparedness & Security Advocacy

• Direct and participate in incident response planning, simulations, tabletop exercises, and post-incident reviews.
• Serve as the first point of escalation for local cybersecurity incidents, coordinating response with global SOCs, legal teams, and regulators as necessary.
• Foster a culture of cyber awareness across business and technology functions through targeted communications, training, and leadership engagement.

What you need to bring

• 15+ years of experiencein cybersecurity, ICT risk, or operational resilience in theLatin American financial sector.
• Proven track record leadingsecurity and risk functions in regulated financial institutions, including engagement with BACEN, CNBV, CMF, SUSEP, or SFC.
• Strong understanding offinancial regulatory ecosystems, cross-border data protection laws (e.g., LGPD), and banking/insurance sector dynamics.
• Demonstrated ability to manage complex regulatory environments and lead teams across geographies and languages.
• Executive-level communication skills and board-facing experience are essential.

Preferred Certifications

• CISSP, CISM, CRISC, or similar cybersecurity credentials
• DRI/BCI Business Continuity certifications
• ITIL, ISO 27001 Lead Auditor, or equivalent regulatory frameworks
• Familiarity with NIST CSF, COBIT, and regional cloud/data protection laws

Our Benefits:

Any general requests for consideration of your skills, please

Essential Responsibilities:

• Provide expert advice and strategic counsel to senior executives, shaping the development of multi-year risk management and security governance strategies that align with business goals and long-term organizational objectives.
• Determine the most effective methods and strategies for addressing complex security risks, driving innovation through collaboration with cross-functional teams to shape the organization’s security risk management and governance landscape.
• Identify and resolve unique, high-impact security risks, applying deep expertise to situations of substantial significance, and develop innovative solutions that influence and strengthen the organization’s security framework.
• Drive the future risk management and security governance roadmap, shaping the security vision that supports business growth and mitigates risk to provide a competitive advantage.
• Lead the development and execution of key components of the multi-year security strategy, contributing to the broader security agenda within the organization.
• Inspire and motivate team(s) to pursue innovative solutions, ensuring alignment with the overall security strategy and business objectives, while fostering a culture of excellence and continuous improvement.

Minimum Qualifications:

• Minimum of 15 years of relevant work experience and a Bachelor's degree or equivalent experience.

Strategic Alignment & Governance

• Ensure the alignment of global cybersecurity strategies, frameworks, and policies with local and regional regulatory requirements, particularly in high-regulation environments such as LATAM.
• Bridge global objectives with in-country execution by enabling the adoption of enterprise-wide programs within local regulatory and operational constraints.
• Advise senior executives and board-level stakeholders on cyber governance maturity and alignment with business strategy.

Operational Security Leadership

• Act as the designated Information Security Officer for regulated financial entities, fulfilling local legal and supervisory expectations.
• Serve as the Entity Service Owner for intra-group technology services, with oversight of service level adherence, security control effectiveness, and compliance at the point of delivery.

Cyber Resilience Program Leadership

• Lead the design, execution, and continuous evolution of cyber resilience programs, ensuring robust preparedness through business impact analyses, recovery strategies, and end-to-end testing.
• Deliver tangible evidence of operational readiness, integrated with IT disaster recovery, business continuity, and third-party resilience plans.
• Ensure alignment with global resilience standards and evolving regulatory expectations, including regional LATAM frameworks.

Regulatory Compliance & Readiness

• Maintain an authoritative inventory of cybersecurity regulatory obligations across LATAM and global markets.
• Proactively ensure that controls are designed, implemented, and tested to meet external audit and supervisory examination standards.
• Partner with Legal, Compliance, and Risk teams to anticipate regulatory changes and adjust cybersecurity posture accordingly.

Cyber Risk Management & Control Operation

• Operate and continuously improve first-line cybersecurity controls across infrastructure, applications, and third-party services.
• Monitor control effectiveness, identify risks and control deficiencies, and lead remediation planning in coordination with second and third lines of defense.
• Represent cybersecurity in key governance forums, including entity-level risk committees, IT steering groups, and audit/regulatory readiness sessions.

Incident Preparedness & Security Advocacy

• Direct and participate in incident response planning, simulations, tabletop exercises, and post-incident reviews.
• Serve as the first point of escalation for local cybersecurity incidents, coordinating response with global SOCs, legal teams, and regulators as necessary.
• Foster a culture of cyber awareness across business and technology functions through targeted communications, training, and leadership engagement.

What you need to bring

• 15+ years of experiencein cybersecurity, ICT risk, or operational resilience in theLatin American financial sector.
• Proven track record leadingsecurity and risk functions in regulated financial institutions, including engagement with BACEN, CNBV, CMF, SUSEP, or SFC.
• Strong understanding offinancial regulatory ecosystems, cross-border data protection laws (e.g., LGPD), and banking/insurance sector dynamics.
• Demonstrated ability to manage complex regulatory environments and lead teams across geographies and languages.
• Executive-level communication skills and board-facing experience are essential.

Preferred Certifications

• CISSP, CISM, CRISC, or similar cybersecurity credentials
• DRI/BCI Business Continuity certifications
• ITIL, ISO 27001 Lead Auditor, or equivalent regulatory frameworks
• Familiarity with NIST CSF, COBIT, and regional cloud/data protection laws

Our Benefits:

Any general requests for consideration of your skills, please

Job Description:

In your day-to-day role you will:

• Deliver regulatory requirements for PayPal Mexico Legal Entities, this position is responsible for support of second line oversight of the PPMX’s Risk and Compliance Management Program driving a data-driven approach that meets both the PayPal framework and all local regulatory requirements.
• Assist with all aspects related to regulatory requirements, ensuring adherence to applicable laws and standards.
• Provide guidance to business partners relating to the development of controls for critical business processes to mitigatecompliance/operationalrisk.
• Assist in execution of the compliance risk assessments.
• Support ongoing and targeted compliance monitoring and/or testing.
• Provide ongoing support of business unit’s issue management and remediation efforts.
• Assist with the development of applicable policies.
• Provide business with guidance and oversight of new product development initiatives.
• Prepare periodic reports summarizing the business units’ risk and control environment.
• Engage key Risk and Compliance program stakeholders to help support business unit initiatives.
• Ensure compliance with Banxico’s Circular 14/2017 and other relevant SPEI regulations.
• Develop and update risk prevention, AML/CFT, and cybersecurity policies for SPEI.
• Coordinate internal and external audits related to SPEI operations.
• Generate reports on compliance and risks associated with SPEI controls.
• Support the preparation and submission of regulatory reports to Condusef, CNBV and Banxico ensuring compliance with local regulations.

Qualifications/Education/Experience/Skills:

• Deep knowledge of global financial institutions, payments aggregators, money service business, ITFs, and/or banking compliance.
• At least 7+ years of experience in a large organization or financial supervisory agency including demonstrated leadership in building and overseeing Compliance Programs comprised by -among others- privacy, anticorruption, anti-bribery, consumer protection.
• Extensive experience with regulators and the regulatory exam process, ideally for financial institutions.
• Ability to navigate across multiple geographies, including global shared services functions that reside outside of Mexico.
• Demonstrated ability to build and maintain relationships with key stakeholders, including strengths in influencing, conflict management, and negotiation.
• Ability to communicate complex matters in a simple and clear manner.
• Ability to take ownership of outcomes and the ability to work with business unit teams to confront issues and drive performance.
• Skilled at identifying and recommending cost effective solutions and organizing resource allocation.
• Extensive experience in partnering with and counseling senior business clients, particularly in the context of a rapidly changing environment.
• Strong problem solving and operational process skills and attention to detail.
• Excellent ability to analyze regulatory risks in complex business processes and recommend controls to mitigate those risks.
• Excellent presentation and project management skills with the ability to successfully work multiple issues at one time.
• High energy and creativity, an entrepreneurial spirit and the desire to work in a growing and changing environment.
• Ability to work within a matrixed environment, and cross functionally with operations and technology functions.
• Ability to operate with strong integrity with the ability to handle projects of a sensitive and confidential nature.
• Strong computer knowledge; excellent MS Word, Excel, Visio, and PowerPoint skills.

Our Benefits:

Any general requests for consideration of your skills, please

Key responsibilitiesinclude the following for Mexico and other LATAM countries:

• Assessment of current and changing Mexican tax law to PayPal businesses
• Analysis and review of business initiatives
• Coordination and computation with local controllership of quarterly and annual US GAAP tax provisions
• Coordination and computation with local controllership of quarterly and annual Statutory tax provisions
• Evaluation of FIN 48 / IFRIC tax reserves and development of support computations
• Assistance with compilation of support and review of local income tax returns
• Detailed analysis of income tax return and audit support workpapers
• Pillar 2 minimum tax computations and compliance
• Coordination with the local controllership team to provide data for local audit responses

Job Requirements

• BA/BS in Accounting or Finance equivalent; CPA; Masters in Taxation preferred
• 8+ years of progressive professional experience in ASC740 income tax accounting for publicly held multinational companies
• Excellent tax accounting technical skills, analytical thinker, detail oriented
• Ability to collaborate as part of a team
• Excellent written and verbal communication skills, with ability to effectively relate tax accounting issues to non-tax provision personnel
• Fluent in Spanish and English required, ability to speak Portuguese is preferred but not required
• Mexican tax background with familiarity of US tax concepts. Familiarity with current OECD BEPS guidance, Pillar 2 and country by country reporting a plus
• Resourcefulness and adaptability; self-motivated with ability to work in a fast-paced environment with excellent prioritization and organizational skills
• Experience with Corptax, OneSource Tax Provision, and S4Hana/SAP a plus

Our Benefits:

Any general requests for consideration of your skills, please