Director, Cybersecurity Risk

The Company

PayPal has been revolutionizing commerce globally for more than 25 years. Creating innovative experiences that make moving money, selling, and shopping simple, personalized, and secure, PayPal empowers consumers and businesses in approximately 200 markets to join and thrive in the global economy. 

We operate a global, two-sided network at scale that connects hundreds of millions of merchants and consumers. We help merchants and consumers connect, transact, and complete payments, whether they are online or in person. PayPal is more than a connection to third-party payment networks. We provide proprietary payment solutions accepted by merchants that enable the completion of payments on our platform on behalf of our customers.

We offer our customers the flexibility to use their accounts to purchase and receive payments for goods and services, as well as the ability to transfer and withdraw funds. We enable consumers to exchange funds more safely with merchants using a variety of funding sources, which may include a bank account, a PayPal or Venmo account balance, PayPal and Venmo branded credit products, a credit card, a debit card, certain cryptocurrencies, or other stored value products such as gift cards, and eligible credit card rewards.  Our PayPal, Venmo, and Xoom products also make it safer and simpler for friends and family to transfer funds to each other. We offer merchants an end-to-end payments solution that provides authorization and settlement capabilities, as well as instant access to funds and payouts. We also help merchants connect with their customers, process exchanges and returns, and manage risk. We enable consumers to engage in cross-border shopping and merchants to extend their global reach while reducing the complexity and friction involved in enabling cross-border trade. 

Our beliefs are the foundation for how we conduct business every day.  We live each day guided by our core values of Inclusion, Innovation, Collaboration, and Wellness. Together, our values ensure that we work together as one global team with our customers at the center of everything we do – and they push us to ensure we take care of ourselves, each other, and our communities.

Job Summary:

As Director of Cyber Risk, and Digital Resilience for LATAM, you will lead the regional strategy and implementation of cybersecurity and resilience programs across regulated financial institutions in Latin America. This includes aligning global cyber frameworks with local regulatory expectations, overseeing cyber risk management, and ensuring operational readiness and compliance.

Job Description:

Essential Responsibilities:

• Provide expert advice and strategic counsel to senior executives, shaping the development of multi-year risk management and security governance strategies that align with business goals and long-term organizational objectives.
• Determine the most effective methods and strategies for addressing complex security risks, driving innovation through collaboration with cross-functional teams to shape the organization’s security risk management and governance landscape.
• Identify and resolve unique, high-impact security risks, applying deep expertise to situations of substantial significance, and develop innovative solutions that influence and strengthen the organization’s security framework.
• Drive the future risk management and security governance roadmap, shaping the security vision that supports business growth and mitigates risk to provide a competitive advantage.
• Lead the development and execution of key components of the multi-year security strategy, contributing to the broader security agenda within the organization.
• Inspire and motivate team(s) to pursue innovative solutions, ensuring alignment with the overall security strategy and business objectives, while fostering a culture of excellence and continuous improvement.

Minimum Qualifications:

• Minimum of 15 years of relevant work experience and a Bachelor's degree or equivalent experience.

Preferred Qualification:

Your day to day

Strategic Alignment & Governance

• Ensure the alignment of global cybersecurity strategies, frameworks, and policies with local and regional regulatory requirements, particularly in high-regulation environments such as LATAM.
• Bridge global objectives with in-country execution by enabling the adoption of enterprise-wide programs within local regulatory and operational constraints.
• Advise senior executives and board-level stakeholders on cyber governance maturity and alignment with business strategy.

Operational Security Leadership

• Act as the designated Information Security Officer for regulated financial entities, fulfilling local legal and supervisory expectations.
• Serve as the Entity Service Owner for intra-group technology services, with oversight of service level adherence, security control effectiveness, and compliance at the point of delivery.

​

Cyber Resilience Program Leadership

• Lead the design, execution, and continuous evolution of cyber resilience programs, ensuring robust preparedness through business impact analyses, recovery strategies, and end-to-end testing.
• Deliver tangible evidence of operational readiness, integrated with IT disaster recovery, business continuity, and third-party resilience plans.
• Ensure alignment with global resilience standards and evolving regulatory expectations, including regional LATAM frameworks.

​

Regulatory Compliance & Readiness

• Maintain an authoritative inventory of cybersecurity regulatory obligations across LATAM and global markets.
• Proactively ensure that controls are designed, implemented, and tested to meet external audit and supervisory examination standards.
• Partner with Legal, Compliance, and Risk teams to anticipate regulatory changes and adjust cybersecurity posture accordingly.

​

Cyber Risk Management & Control Operation

• Operate and continuously improve first-line cybersecurity controls across infrastructure, applications, and third-party services.
• Monitor control effectiveness, identify risks and control deficiencies, and lead remediation planning in coordination with second and third lines of defense.
• Represent cybersecurity in key governance forums, including entity-level risk committees, IT steering groups, and audit/regulatory readiness sessions.

​

Incident Preparedness & Security Advocacy

• Direct and participate in incident response planning, simulations, tabletop exercises, and post-incident reviews.
• Serve as the first point of escalation for local cybersecurity incidents, coordinating response with global SOCs, legal teams, and regulators as necessary.
• Foster a culture of cyber awareness across business and technology functions through targeted communications, training, and leadership engagement.

What you need to bring

• 15+ years of experience in cybersecurity, ICT risk, or operational resilience in the Latin American financial sector.
• Proven track record leading security and risk functions in regulated financial institutions, including engagement with BACEN, CNBV, CMF, SUSEP, or SFC.
• Strong understanding of financial regulatory ecosystems, cross-border data protection laws (e.g., LGPD), and banking/insurance sector dynamics.
• Demonstrated ability to manage complex regulatory environments and lead teams across geographies and languages.
• Executive-level communication skills and board-facing experience are essential.

Preferred Certifications

• CISSP, CISM, CRISC, or similar cybersecurity credentials
• DRI/BCI Business Continuity certifications
• ITIL, ISO 27001 Lead Auditor, or equivalent regulatory frameworks
• Familiarity with NIST CSF, COBIT, and regional cloud/data protection laws

Subsidiary:

PayPal

Travel Percent:

20

For the majority of employees, PayPal's balanced hybrid work model offers 3 days in the office for effective in-person collaboration and 2 days at your choice of either the PayPal office or your home workspace, ensuring that you equally have the benefits and conveniences of both locations.

Our Benefits:

At PayPal, we’re committed to building an equitable and inclusive global economy. And we can’t do this without our most important asset—you. That’s why we offer benefits to help you thrive in every stage of life. We champion your financial, physical, and mental health by offering valuable benefits and resources to help you care for the whole you.

We have great benefits including a flexible work environment, employee shares options, health and life insurance and more. To learn more about our benefits please visit https://www.paypalbenefits.com.

Who We Are:

Click Here to learn more about our culture and community.

Commitment to Diversity and Inclusion 

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state, or local law.  In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities.  If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at talentaccommodations@paypal.com.  

Belonging at PayPal: 

Our employees are central to advancing our mission, and we strive to create an environment where everyone can do their best work with a sense of purpose and belonging. Belonging at PayPal means creating a workplace with a sense of acceptance and security where all employees feel included and valued. We are proud to have a diverse workforce reflective of the merchants, consumers, and communities that we serve, and we continue to take tangible actions to cultivate inclusivity and belonging at PayPal.

Any general requests for consideration of your skills, please Join our Talent Community.

We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don’t hesitate to apply.