PayPal Cyber Risk Lead 

China, Hong Kong, Hong Kong Island 

595924734

Key Responsibilities:

• Oversee information security and technology controls in PayPal Hong Kong’s systems.
• Function as a subject matter expert (SME) on technology and cybersecurity matters, thus enabling informed decisions by senior management
• Ensure compliance with applicable regulatory requirements in regulated markets in Asia-Pacific including but not limited to CRAF, Guideline on Supervision of Stored Value Facility Licensees, etc.
• Monitor, assess, and address gaps in newly introduced and/or upcoming regulations, and ensuring that necessary security controls are in place and functioning effectively.
• Manage information security incidents and events impacting PPHK or its customers by working in close coordination with global teams responsible for crisis management and security incident response, and the senior management team.
• Lead information security awareness and training initiatives.
• Perform risk assessments, reporting, and remediation in cooperation with regional or global information security teams.

The role will also encompass contributions to regional governance initiatives:

• Supporting the efficient management of audits and examinations by regulatory bodies, coordinating with global teams to prepare necessary documentation and reports.
• Collaborating with global teams such as to ensure that Service Level Agreements (SLAs) are adopted and met, ensuring high service standards across the region.
• Contribute to international cyber resilience efforts by identifying, assessing, and mitigating cybersecurity risks.
• Perform regular risk assessments and reporting findings to regional and global teams, such as to ensure that risks are identified and mitigated proactively.

Requirements:

• Bachelor's degree in a relevant field (e.g., Computer Science, Engineering, Technology Management).
• 5-8 years’ experience in an IT security, risk management, or similar function, with experience in executive-level communication.
• Capability in understanding, evaluating and describing technical controls in areas such as Cloud, DevOps, application security and networks
• Excellent written and verbal skills in English and Cantonese
• Strong interpersonal and collaborative skills
• Possess the ability to communicate information security-related concepts to technical and non-technical audiences.
• Strong influencing, negotiation, and relationship building skills; an ability to interface internally and externally to ensure successful, high-quality outcomes.
• Capable of effectively managing teams and leading projects supported bycross-functional/matrixteam structures.
• Strong critical thinking and problem-solving skills, with necessary dynamism to switch between strategic and tactical thinking.
• Possess the ability to work with geographically distributed teams, across different time zones.
• Experience with cybersecurity frameworks such as NIST Cybersecurity Framework, ISO27001, or PCI DSS is an advantage.

Our Benefits:

Any general requests for consideration of your skills, please