Lead, Technology Risk Management

Our Purpose

Mastercard powers economies and empowers people in 200 countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Lead, Technology Risk Management

Overview
The Mastercard Technology Regulatory Relations & Market Compliance Team is looking for a Manager (Lead) Technology Risk Analyst to be part of the controls' assurance program supporting various requirements to meet customer and regulatory obligations for the related region. The focus of the role would be around providing compliance support, monitoring, and reporting of the on-going operating effectiveness of Mastercard's internal control environment while ensuring compliance with regulatory requirements, internal policies and industry standards.

Mastercard is committed to balancing innovation while protecting the internal control posture. The team assesses internal controls to proactively identify risks, define remediation actions and track remediation efforts. We are looking for someone to join our team and help us meet these compliance goals. This person will be a technically savvy person who likes to solve issues and drive outcomes.

The ideal candidate will have the ability to think and act both strategically and tactically while ensuring that the corporation remains compliant with required security, technology, and financial standards, as well as industry best practices.

Job Responsibilities

• Act as an advisory, a focal point for security and compliance-related activities and responsibilities that includes implementation of ISO 27001 standards within the organization.

• Identify and evaluate technology risks and any related potential security weaknesses through risk and control assessments across systems, application, infrastructure and processes in accordance with industry standards

• Establish and track remediation internally and externally through to resolution whilst improving design and operational effectiveness of controls.

• Collaborate with key internal stakeholders from Technology and Business to ensure required deliverables are accurate, complete, timely and within the level of expectations required.

• Proactive in providing suggestions in process related improvements and constantly be informed of evolving regulatory and cybersecurity related requirements

• Proficient in providing risk insights to the leadership team through risk dashboards for key initiatives, plans and audit tracking of the current processes as per management requirements.

About You:

• Experience in working with digital and technology functions ideally in a technology and/or cybersecurity related compliance role including managing complex technology / cyber security related audit / regulatory projects.

• Strong understanding of IT general controls and technology and/or cybersecurity risk management frameworks such as NIST, ISO 27001/27002, GDPR, data privacy related regulations,

• Bachelor's degree or equivalent combination of education and experience/Bachelor's degree in Computer Science, Information Technology or related field preferred

• Possess one or more professional certifications (i.e. CISA or CISSPISO 27001 LEAD AUDITOR /Implementer (Desirable)

• Demonstrate proficiency in information security domains technical background in IT processes and systems related risks.

• Self driven with strong organizational and time management skills

• Experience in managing complex projects related to information security

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard's security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.

---