We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion (https://www.mastercard.us/en-us/vision/who-we-are/diversity-inclusion.html) for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.
Lead Technology Risk Analyst
The Mastercard Technology Risk Team is looking for a Lead Technology Risk Analyst to oversee the controls’ assurance program supporting various requirements to meet customer and regulatory obligations for the related region. Focus would be around providing compliance support, monitoring, and reporting of the on-going operating effectiveness of Mastercard’s internal control environment. The role will be a pivotal part of the Mastercard Technology Risk function.
Mastercard is committed to balancing innovation while protecting the internal control posture. The team assesses internal controls to proactively identify risks, define remediation actions and track remediation efforts. We are looking for someone to join our team and help us meet these compliance goals. This person will be a technically savvy person who likes to solve issues and drive outcomes.
The ideal candidate will have the ability to think and act both strategically and tactically while ensuring that the corporation remains compliant with required security, technology, and financial standards, as well as industry best practices.
• Act as an advisory, a focal point for security and compliance-related activities and responsibilities that includes implementation of ISO 27001 standards within the organization.
• Identify potential security weaknesses through control assessments and track them to
closure within the timeliness.
• Establish and track remediation internally and externally through to resolution whilst improving design and operational effectiveness of controls
• Document assessment results and write assessment report(s) for key stakeholders in conjunction with Mastercard’s Information Security Risk Assessment Program.
• Collaborate with IT, Business areas, and the internal Information Security teams to deliver within deadlines.
• Create and suggest measures to improve Information security processes and procedures.
• Prepare compliance status reports and dashboards for key initiatives, plans and audit tracking of the current processes as per management requirements.
• Experience working within digital and technology functions ideally in a compliance role.
• Strong understanding of security risk management frameworks such as ISO 27001/27002, GDPR, Data privacy, Business continuity Skills and Experience
• Bachelor’s degree or equivalent combination of education and experience/Bachelor’s degree in computer science, information technology or related field preferred
• One or more professional certifications like CISA or CISSP (Desirable)
• Professional Certifications ISO 27001 LEAD AUDITOR /Implementer
• Strong understanding of information security domains and possesses a well-rounded technical background. Knowledge of operational risk, IT processes and systems
• Excellent communication, organization time management and problem-solving skills
• Stay informed and educated on current and potential security threats and attacks
• Demonstrated experience in managing complex projects related to information security
In many locations, we’ve implemented a virtual hiring process and continue to interview candidates by video or phone. In addition, in our NYC offices, as required by law, only individuals who have been fully vaccinated against COVID-19 will be permitted inside Mastercard offices unless a reasonable accommodation has been approved in advance.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
Abide by Mastercard’s security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.
Requisition ID: R-178469