Job Title: Cyber Security Engineer V
Location: San Jose CA (Onsite)
Job Description
Security Compliance Engineer AWF
- The Global Information Security team is responsible for driving security compliance activities for eBay Payments Marketplaces Corporate IT and adjacent businesses. The Security Compliance Analyst will play a critical role working directly with business leaders to understand security compliance issues lead technical compliance assessments and mitigation efforts and develop effective remediation programs and actions to resolve compliance issues.
Requirements
- 7 years of security and compliance experience. Experience in eCommerce Payments or Technology space a plus
- Experience with/understanding of PCI DSS SOC 2 ISO 27001 NIST and/or other industry standard control frameworks.
- Experience with managing third party audits including working with internal teams to collect evidence to be used in an audit.
- Strong technical understanding of security compliance requirements and solutions as well as threats and challenges impacting the protection of information across an extended global enterprise.
- Possess general knowledge of networking encryption authentication payment infrastructure cloud infrastructure and application security
- Capable of flexing between high level strategic concepts & frameworks to tactical operational implementation
- Selfstarter with a bias towards action and can thrive in a fastpaced and ambiguous environment
- Exceptional communication skills including clear and concise writing an engaging presentation style and group facilitation
- Strong teamwork skills with a demonstrated ability to collaborate across teams and roles
Key Responsibilities
- Ability to provide pragmatic guidance to business leaders and stakeholders that effectively balances security compliance risks with the needs of the business.
- Contribute to the growing information security and compliance program at eBay including performing security compliance audits identifying problems and areas for process improvement.
- Work closely with internal business units and relevant departments to assess compliance and where necessary provide support in remediating noncompliant areas
- Have a deep understanding of security controls underlying business processes concepts practices and tools used to promote adoption of applicable security standards
- Advise management on specific security requirements implementations and the impact on business processes applications and systems as needed
- Generate periodic reports to teams and senior stakeholders and make practical recommendations to improve security practices
- Research and extract insights from industry standards and trends apply them to the scope of internal controls and improve security practices and compliance in the company
- Facilitate organizational adoption of new security controls standards and best practices through thoughtful change management strategies
- Document security/technology control requirements and develop methods to meet new cyber security and compliance needs and requirements as needed.
- Coordinate compliance and audit activities with other groups.