We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.
Job TitleManager, Technology Risk ManagementThe Mastercard Technology Risk Team in Europe is looking for a Technology Assurance Manager to oversee the controls assurance programs for Mastercard Payment Services in Norway covering ISOs and ISAEs and Mastercard Payment Services in Denmark covering ISAEs. These programs are supporting various security requirements to meet customer and regulatory obligations for Mastercard. Focus will be on providing compliance support, monitoring, and reporting of the ongoing operating effectiveness of the internal control environment. This role is a pivotal part of the Mastercard technology risk function and supports Mastercard's commitment to balancing innovation while protecting the internal control posture. The team assesses internal controls to proactively identify risks, define remediation actions and track remediation efforts. We are looking for someone to join our team and help us meet these compliance goals.
The ideal candidate will have the ability to think and act both strategically and tactically while ensuring that the corporation remains compliant with required security, technology, and financial standards, as well as industry best practices.
• Engage with customers to develop control frameworks to ensure needs and expectations over service assurance is met for our various certifications (e.g., ISO 27001, ISO 9001 & ISAEs)
• Engage with the auditors to develop, mature and then test the control framework to ensure objectives are met and risk is managed effectively
• Develop, plan, and execute control assessments of various operational and business areas to assess potential risks or control gaps
• Establish and track remediation internally and externally through to resolution whilst improving design and operational effectiveness of controls
• Understand the materiality of findings to the live service
• Reduce error ratings and risk exposure as a result of gaps in control performance
• Report formally on the results of assurance/certification objectives, controls and risk assessments
• Develop and maintain reports, metrics and presentations of progress and results for meetings with customers and regulators
• Develop and manage risk processes, including identifying and implementing best practices and ensuring all processes are documented, reviewed and updated regularly
• Provide data analysis and strategy execution across risk areas, leveraging an understanding of risk and regulation
• Manage internal control inquiries from both internal and external stakeholders
• Experience successfully implementing control frameworks (e.g., ISAE 3402 & 3000)
• Bachelor's degree or equivalent combination of education and experience/Bachelor's degree in computer science, information technology or related field preferred
• Strong interpersonal, communication and presentation skills necessary for interaction with business leaders and teams across all levels of the organization
• Must have a professional certification like CISSP/CISA/CRISC or similar
• Contribute to work environment that encourages knowledge of respect for and development of skills to engage with those of other cultures and backgrounds.
• The ability to push back and challenge decisions
• Strong negotiation and consensus building skills
• Familiarity with the financial services industry and payment processing industry, a plus
• Familiarity with GDPR, cloud services or SWIFT CSP, a plus
We value the safety of each member of our community because we know we're all in this together. In many locations, which may change over time, we've implemented a virtual hiring process and continue to interview candidates by video or phone. In addition, in some locations, only individuals who have been fully vaccinated will be permitted inside Mastercard offices until further notice.
In the US, Mastercard is a government contractor, which may legally require most Mastercard employees to be vaccinated unless a verified approved medical or religious exemption is granted. Further, we are currently making every effort towards having employees return to work in the office 2 days per week, if that makes sense for their team. Everyone must be vaccinated to enter Mastercard offices at this time. Therefore, we expect all candidates to be vaccinated or to be approved for a medical or religious accommodation prior to commencing work at Mastercard.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
- Abide by Mastercard's security policies and practices;
- Ensure the confidentiality and integrity of the information being accessed;
- Report any suspected information security violation or breach, and
- Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.
Apply on company website