Description
Our Purpose
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Title and Summary
Director, Technology Risk Management Overview: The Payment Gateway Team is seeking a Principal, Technology Risk Management to lead and build our strategy for designing and implementing assurance requirements to meet customer and regulatory expectations regarding security and availability risk and controls via assurance products such as SOC 2. The individual will coordinate and advise management to ensure customer and regulatory obligations are considered for the Payment Gateway Service. The individual will be responsible for reviewing and analyzing strategic plans and identifying risk and controls required to meet Mastercard policies and standards and apply the design of relevant risk and control assessments that meet our assessment obligations.Key Responsibilities:
• Lead the development of strategy, objectives, and action plans for assurance obligations.
• Conduct multi-stakeholder meetings and participate in senior-level discussions.
• Engage with internal and external stakeholders, and customers
• Plan and manage multiple initiatives and projects.
• Maintain a deep understanding of the business domain and assurance obligations to shape successful execution plans.
• Recognize complexity within the program and propose simplified solutions.
• Assist stakeholders in making trade-off decisions by considering all data, including business goals, technical platform strategy, customer experience, and maintainability, with a relentless focus on the customer.
• Ensure ongoing compliance with statutory and regulatory requirements, anticipate future legislation, enforce adherence to requirements, and advise management on needed actions.
• Identify, collect, synthesize, and communicate risks and blockers concisely, accurately, and professionally for senior leadership to ensure alignment.
• Regularly define and review key success metrics for data-focused tracking and proactively seek out new and improved mechanisms for visibility, ensuring the program stays aligned with organizational objectives.
• Conduct risk assessments to identify potential security and availability risks and advise on the design and governance of controls to mitigate these risks.
About You:
• Bachelor's degree or equivalent combination of education and experience; a degree in computer science, information technology, or a related field is preferred.
• Professional certification like CISSP, CISA, CRISC, CIPP, or similar is a plus.
• Strong knowledge of IT general computer controls and related operations.
• Experience with control frameworks (e.g., SOC1, SOC2, ISAE3402/3000, ISO27001, GDPR).
• Strong interpersonal, communication, and presentation skills necessary for interaction with business leaders and teams across all levels of the organization.
• Strong negotiation and consensus-building skills.
• Previous experience in significant process improvements, with the ability to meet project deliverables.
• Contribute to a work environment that encourages knowledge of, respect for, and the development of skills to engage with those of other cultures and backgrounds.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
Abide by Mastercard's security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.
Apply on company website
Find Connections via Linkedin
