Our Purpose

We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion (https://www.mastercard.us/en-us/vision/who-we-are/diversity-inclusion.html) for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.

Title and Summary

Senior Risk and Control Analyst

OVERVIEW:

TeamONE (“The Operations, Network, and Employee Digital Experience teams focus on the underpinning platforms that power our Network and the employees that serve it”) frontline risk and controls team is a newly formed to establish both foundational and transformational risk management practice at Mastercard Technology from designing key control activities, monitoring such activities, and to leading risk remediation plan with TeamONE platform and program owners.

This is an exciting opportunity to be part of solving complex problems and work with great Mastercard technology leaders in operations and platforms, proactively monitoring and managing technology risks to protect Mastercard Technology and our customers.

In this role, you'll combine your technical expertise with your keen eye for detail to create and implement robust control activities that fortify TeamONE against threats and potential technical issues. If you're ready to be at the forefront of technological risk management, we invite you to bring your skills to our innovative and collaborative environment.

ROLE:

• Conduct assessments of IT controls and processes to identify deficiencies, deviations and compliance gaps.

• Lead and perform IT and operational control walkthroughs to determine existing process controls and adherence to control framework for the following key control areas: Patch Management, End-of-Life/End-of-Support, Access Management, Configuration Management, Disaster Recovery, Asset Tagging and Inventory Accuracy and Completeness, Logging and Monitoring, and Change Management.

• Develop and update control and process documentation, and relevant standards.

• Based on criticality and urgency, support remediation activities and link such activities back to monitor risk rating

• Partner with Technology Risk Management and 2nd line risk management teams for all risk related functions to ensure alignment on risk management methodology, practices, terminology, etc.

ALL ABOUT YOU:

• Technical Proficiency:

o Knowledge of IT general controls and related operations. Experience in Mainframe, Oracle, SQL, Unix/Linux, HP Nonstop and/or Windows environments.

o Knowledge of cybersecurity principles, best practices, and threat landscape.

o Ability to assess technology controls, vulnerabilities, and potential risks.

o General understanding of technology infrastructure.

• Risk Management Expertise:

o General knowledge of technology risk assessment and mitigation approaches.

o Experience in developing and implementing technology risk management frameworks and strategies.

o General understanding of industry standards and regulatory requirements related to technology risk management (e.g., ISO 27001, NIST Cybersecurity Framework).

• Regulatory and Compliance Knowledge:

o Experience in developing, performing or evaluating IT internal controls and testing.

o Ability to align the organization's technology practices with legal and regulatory standards.

• Execution and Communication:

o Demonstrate strong execution skills, consistently meeting and exceeding project deadlines, and goals.

o Demonstrate ability to work independently and in a team environment, ensuring tasks are completely thoroughly and accurately.

o Exceptional attention to detail with keen ability to identify errors or discrepancies in processes or documentation.

o Strong analytical skills to identify potential risks, assess their potential impact, and devise effective mitigation strategies.

o Excellent communication skills to effectively convey technical concepts to both technical and non-technical stakeholders.

o Ability to collaborate with cross-functional teams, including other technology, security, compliance, application / product teams, and business / regional teams.

• Qualifications (preferred but not required)

o Bachelor's degree in Information Technology, Computer Science, or a related field.

o Experience in evaluating compliance with legal, regulatory, operational and IT.

o Professional Certification or Designation (e.g., CISA, CIA, CISSP, or equivalent).

o Experience in payment eco systems.

Mastercard is an inclusive equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard’s security policies and practices;

• Ensure the confidentiality and integrity of the information being accessed;

• Report any suspected information security violation or breach, and

• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

In line with Mastercard’s total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary based on location, experience and other qualifications for the role and may be eligible for an annual bonus or commissions depending on the role. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance), flexible spending account and health savings account, paid leaves (including 16 weeks new parent leave, up to 20 paid days bereavement leave), 10 annual paid sick days, 10 or more annual paid vacation days based on level, 5 personal days, 10 annual paid U.S. observed holidays, 401k with a best-in-class company match, deferred compensation for eligible roles, fitness reimbursement or on-site fitness facilities, eligibility for tuition reimbursement, gender-inclusive benefits and many more.