Logo
MasterCard

Senior Technology Risk Analyst

MasterCard, O Fallon, MO


Our Purpose

We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team - one that makes better decisions, drives innovation and delivers better business results.

Title and Summary

Senior Technology Risk Analyst

The Mastercard Technology Risk Team is looking for a Senior Technology Risk Analyst to support an assurance and controls program supporting various security and technology requirements to meet customer and regulatory obligations for Mastercard services in key markets across the world. Focus will be on providing compliance support, project management, monitoring, and reporting of the design and ongoing operating effectiveness of the internal control environment. This role is a pivotal part of the Mastercard technology risk function and supports Mastercard's commitment to balancing innovation while protecting the internal control posture. The team identifies and assesses internal controls to proactively identify risks, define remediation actions and track remediation efforts. We are looking for someone to join our team and help us meet these compliance goals.

The ideal candidate will have the ability to think and act both strategically and tactically while ensuring that the corporation remains compliant with required regulatory, security, technology, and financial standards, as well as industry best practices.

Responsibilities:
• Assist in leading assurance directives, engage with internal partners to help build control (transaction/business process oriented, technology and security) frameworks to ensure needs and expectations over various key programs and initiatives driven by Company and Technology Risk Management aligned strategies.
• Partner with business key stakeholders to enhance and build compliance expectations and checklists including test plans (pre and post deployment validation activities), procedures and evidence expectations mapped to control requirements.
• Execute control validation of various operational and business areas to assess potential risks or control gaps
• Perform project management activities to ensure effective delivery of projects. This includes tracking via appropriate tools/channels, developing appropriate cadence of stand-ups, and effective reporting.
• Support the development of new processes to ensure scalability and sustainability of the control programs
• Track remediation internally and externally through to resolution to help improve design and operational effectiveness of controls
• Report formally on the results of assurance objectives, controls, and risk assessments
• Help develop and maintain reports, metrics and presentations of progress and results for meetings with various stakeholders and senior leadership

About You:
• Demonstrated ability to operate with independence and autonomy
• Very flexible and with a strong ability to see what needs done, take ownership and act on it without detailed supervision
• Familiarity with the financial services industry and payment processing industry
• Experience with technology audits over application, infrastructure, and processes
• Experience with control frameworks (e.g., SOC1/2, SOX, ISO 27000, ISAE 3000/3402)
• Experience with documenting control activities, test procedures, validation execution, issue write-up and disposition, metrics reporting, presentation
• Bachelor's degree or equivalent combination of education and experience/Bachelor's degree in computer science, information technology or related field preferred
• Strong interpersonal, communication and presentation skills necessary for interaction with business leaders and teams across all levels of the organization
• Experience with agile development and work management tools, a plus
• Professional certification like CISSP/CISA/CRISC or similar, a plus
• Contribute to work environment that encourages knowledge of, respect for, and the development of skills to engage with those of other cultures and backgrounds

Mastercard is an inclusive equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact [redacted] and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
  • Abide by Mastercard's security policies and practices;
  • Ensure the confidentiality and integrity of the information being accessed;
  • Report any suspected information security violation or breach, and
  • Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.
In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary based on location, experience and other qualifications for the role and may be eligible for an annual bonus or commissions depending on the role. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance), flexible spending account and health savings account, paid leaves (including 16 weeks new parent leave, up to 20 paid days bereavement leave), 10 annual paid sick days, 10 or more annual paid vacation days based on level, 5 personal days, 10 annual paid U.S. observed holidays, 401k with a best-in-class company match, deferred compensation for eligible roles, fitness reimbursement or on-site fitness facilities, eligibility for tuition reimbursement, gender-inclusive benefits and many more.