Lead Technology Controls Governance

Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Lead Technology Controls Governance

Overview

The Technology Controls Governance team is looking for a Lead Technology Risk Analyst to drive our mission of maturing Mastercard's technology risk and control environment by helping establish, maintain, and refine standard requirements, control frameworks, procedures, platforms, and tools to enable the enterprise. The objectives of this team are anchored in establishing and operationalizing Mastercard's internal technology common control framework that encompasses a wide variety of regulatory, industry, and customer framework requirements.

The ideal candidate is well-versed in and passionate about risk and controls. They should be able to operate independently, think and act both strategically and tactically, and have confidence in helping drive change amongst a broad set of stakeholders throughout the enterprise: product, operations, engineering, risk professionals, and internal/external assessors.

This role requires an extensive risk and control background to define and influence control requirements and guidance, as well as product development to introduce and manage tools that stakeholders can leverage to inventory, evidence, and test their controls.

Role

In this governance function, you will:

Support key initiatives to guide and enable Mastercard's technology product teams to mature our technology risk and control posture.

Lead efforts to maintain and enhance Mastercard's existing internal technology control framework, including refining internal control expectations derived from Mastercard Technology Standards, and performing and validating mappings of the internal control framework to regulatory, industry and customer requirements and frameworks.

Partner with Technology Standard Owners to understand the intent of their requirements and define key classifications that drive scope and ownership of each control expectation

Manage the development and enhancement of risk and control tooling

Partner directly with technology product, risk, compliance teams as well as second line of defense oversight teams to inform and drive our team's strategic initiatives

Support the establishment and maintenance of our team's formal standards, procedure documents, user guides, SharePoint site, our own controls and reference materials.

All About You

The ideal candidate for this position should:

Look at everything through the eyes of our internal stakeholders (who often do not have risk and control backgrounds) and work towards establishing guidance, processes, and tools that enable our stakeholders in a simplified, standardized, and intuitive fashion

Have ADVANCED experience with documenting control guidance, control activities, test procedures, issue write-up and disposition, and metrics reporting

Be skilled at explaining business and technical requirements succinctly and clearly. This role works and frequently meets with both business and technical stakeholders, our partners in the development of risk and control tooling.

Be a strong, confident, and precise writer and speaker, enabling you to communicate your vision and roadmap effectively to a wide variety of stakeholders. Strong interpersonal communication and presentation skills necessary for interaction with business leaders and teams across all levels of the organization.

Anticipate challenges and always look for potential solutions to solve them.

Demonstrated ability to operate with independence and autonomy, and has a strong sense of initiative to see what needs to be done, take ownership, and act on it without detailed instruction or supervision

Contribute to a work environment that encourages knowledge of, respect for, and the development of skills to engage with those of other cultures and backgrounds

Desirable Background:

Familiarity with the financial services industry and payment processing industry

Experience with technology audits over application, infrastructure, and processes

Experience with industry, regulatory and customer control frameworks (e.g., SOC1/2, SOX, ISO 27000, ISAE 3000/3402, NIST, RBI, CROE, PCI, CRI, UCF)

Bachelor's degree or equivalent combination of education and experience in computer science, information technology, accounting, audit or related fields preferred

Experience with agile development and work management tools (JIRA, Monday.com)

Professional certification like CISSP/CISA/CRISC or similar, a plus

Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard's security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.

In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary and may be eligible for an annual bonus or commissions depending on the role. The base salary offered may vary depending on multiple factors, including but not limited to location, job-related knowledge, skills, and experience. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance); flexible spending account and health savings account; paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave); 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days, pro-rated based on date of hire; 10 annual paid U.S. observed holidays; 401k with a best-in-class company match; deferred compensation for eligible roles; fitness reimbursement or on-site fitness facilities; eligibility for tuition reimbursement; and many more. Mastercard benefits for interns generally include: 56 hours of Paid Sick and Safe Time; jury duty leave; and on-site fitness facilities in some locations.

Pay Ranges
O'Fallon, Missouri: $109,000 - $180,000 USD