We are seeking a candidate with operational resilience experience to join our 2nd line risk team. This role is critical to ensuring the operational resilience of our infrastructure, safeguarding against disruptions/incidents, and mitigating risks that could impact services to our customers. Working closely with Biz Ops and Engineering teams proactively monitoring and managing technology risks to protect Mastercard and our customers.

We are seeking a candidate with operational resilience and preferably risk management experience to join our 2nd line risk team. This role is key to ensuring the operational resilience of our infrastructure, safeguarding against disruptions/incidents, and risks are mitigated which could impact services to our customers. Working closely with business risk owners, the 1st line risk team, Tech Risk Management (TRM), Biz Ops, and Engineering teams in order to ensure robust governance frameworks are in place to assess, monitor, and mitigate risks effectively. This involves actively engaging with stakeholders to validate risk assessments, challenge assumptions, and enforce compliance with established policies and procedures. Additionally, the incumbent will contribute to the development and enhancement of governance structures to foster a culture of risk awareness and accountability across the organization.

Responsibilities include the following:

• Partner with Mastercard global Technology Risk Management and Biz Ops teams for all risk related activity to ensure alignment on risk management methodology and practices.
• Conduct independent assessments of the first line's internal controls, scrutinizing their design and effectiveness to identify deficiencies, deviations, and compliance gaps, while providing constructive challenge and recommendations for enhancement
• Develop and update risk and control process documentation
• Liaise with and support the risk and control owners to resolve any questions, queries and problems relating to technology risks
• Provide risk briefings to the management ensuring risks, issues and appetite breaches are monitored and escalated thoughtfully
• Work with control owners to collect security and operational metrics required for management reports and dashboards
• Coordinate internal and external audits including but not limited to gathering, reviewing, and storing of evidence, scheduling meetings with stakeholders, liaising with internal control owners and the external auditors to ensure smooth completion of the audits.
• Ensuring the reslience and effectiveness of our services, with strong internal partner management and external relationship management of key vendors
• Collaborate with internal and external partners, ensuring that appropriate frameworks are in place with third parties to mitigate risks and deliver maximum value
• Manage and oversight the operational and resilience and associated risks of our supply chain, against the backdrop of evolving external regulatory requirements
• Provide input to scenario testing, running pilots and designing templates for vulnerabilities
• Developing and providing training and communications to reinforce and embed key requirements
• Identify and evaluate resilience solutions against a range of criteria to find the ones that best meet business needs

All About You

• Relevant experience of working in a complex (preferably global) stakeholder environment that includes complex customers and regulators.
• Experience of working in regulated payments and financial services
• Ability to assess technology controls, vulnerabilities, and potential risks
• Experience in handling regulatory and customer audits, conducting assessments and good understanding of governance, risk and compliance practices.
• Excellent communication skills with both technical and non-technical stakeholders
• Ability to develop trusted relationships with peers and senior stakeholders.
• A strong understanding of risk strategy and frameworks with an ability to identify, articulate and manage risks as well as the wider evolving regulatory landscape for resilience
• Strong time management and organisational skills
• Previous exposure to Linux and/or Windows Operating Systems, coding languages, and/or Networks
• Ability to articulate themselves clearly and concisely to a broad range of senior and junior stakeholders
• Strong influencing skills; organizationally savvy
• Problem solving - excellent analysis and deductive skills

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard's security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.