Senior Information Security Risk ManagerSan Jose, California Requisition Number R0028986 Subsidiary eBay
The Information Security Risk Manager is responsible for managing the global information security risk program across Payments, Risk, and Billing functions within eBay. This individual will work directly with business leaders to understand security and risk issues; oversee risk management and assessment efforts; and develop effective remediation programs. Execution of these programs is critical to the success of this position.
We are looking for someone with strong security, compliance, risk, and leadership skills; experience with Information Security and Risk Management practices and principles, as well as a willingness to work hard as part of a terrific team.
Lead and govern the measurement and reporting of risks across Payments, Risk, and Billing functions including documentation updates, scoping, assessments, management reporting, and driving remediation of issues.
Establish, monitor, and report Key Performance Indicators and Key Risk Indicators.
Participate in setting strategic direction for the Information Security program.
Communicate and present key security risks at a variety of levels including business and technology leaders to ensure a clear understanding of these risks.
Provide leadership in maturing the global information security risk management program including the enterprise security reporting and metrics processes to meet the ongoing needs of the business.
Ensure adherence to eBay’s security policies, standards, and methodologies.
Identify and drive automation and efficiencies within the risk management program.
Coordinate with Internal Audit and other groups responsible for risk management areas (i.e. fraud, business continuity/disaster recovery)
Utilize industry resources and Global Information Security subject matter experts to develop industry leading risk management solutions and approaches.
Must be able to interface and coordinate work efficiently and effectively with business colleagues and vendors in global locations and time zones.
All other duties as assigned.
Skills and Qualifications:
7+ years progressive experience in developing and managing an Information Security risk management program within a large multinational company.
Ability to maintain a long-term strategic focus while working on short-term tactical goals.
Solid technical understanding of IT systems, applications, networks, and databases.
Extensive experience with security compliance tools (e.g. Qualys, Archer, Riskonnect).
Strong written and verbal communication skills required. Must be able to interface, influence, and coordinate work efficiently and effectively with business colleagues in multiple locations at all levels.
Self-starter with leadership skills and the ability to manage multiple tasks concurrently.
Strong project management, interpersonal, relationship building, collaboration and influencing skills.
Proven track record of successfully managing and implementing security programs and projects.
Ability to communicate effectively with technical staff, business owners, and leadership
Education and Certifications:
Bachelor’s Degree or equivalent work-related experience required.
CISSP, CISM, CISA or equivalent preferred.
Ability to travel (domestic and international) as required.
Strong analytical, organizational and decision making skills.
Knowledge of information security principles and risk management methodologies.
Aptitude to quickly learn new environments and technologies.
Must be organized, goal-oriented, and a self-starter.
Experience working in a fast-paced, highly complex environment.
Experience working with cross-functional teams to deliver results.
Familiarity with compliance rules and regulations (GLBA, FFIEC, SOX, PCI DSS, ISO, Data Privacy laws).
View our accessibility info
eBay Inc. is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, veteran status, and disability, or other legally protected status. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at email@example.com. We will make every effort to respond to your request for disability assistance as soon as possible.
For more information see: