Technology Risk Analyst

Technology Risk Analyst II

Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Technology Risk Analyst IIOverview

The Mastercard Technology Regulatory Execution team is seeking a Technology Risk Analyst II role. The role will be responsible for assessing the effectiveness of controls for the first line business, which is crucial for adhering to customer and regulatory mandates. In addition, the role would also include providing compliance support and monitoring and reporting on the ongoing operational efficacy of Mastercard’s Technology control framework. This role will be a pivotal component of the Mastercard Technology Regulatory Execution function.

Mastercard is committed to striking a balance between innovation and safeguarding its internal control posture. The team conducts assessments of internal controls to proactively identify risks, define remediation actions, and monitor remediation progress. We are seeking an individual to join our team and assist us in achieving these compliance objectives. This person will possess technical expertise, a propensity for problem-solving, and a drive to achieve outcomes.

Job Responsibilities

* Provide consultancy and central coordination for security and compliance activities, encompassing the implementation of ISO 27001, ISO 9001, and ISO 27701, as well as PCI standards within the organisation.
* Identify potential security risks and issues through control assessments and ensure their resolution within specified timelines.
* Establish and monitor remediation efforts both internally and externally until resolution, while simultaneously enhancing the design and operational efficiency of controls.
* Document the outcomes of assessments and prepare assessment reports for key stakeholders.
* Prepare compliance status reports and dashboards for key initiatives, plans, and audit tracking of current processes in accordance with management requirements.


About You:

• Experience:
- Ideal experience working within digital and technology functions, preferably in a compliance role.
- Reasonable understanding of security risk management frameworks such as ISO 27001/27002, ISO 9001, ISO 27701, and PCI.
- Bachelor’s degree or equivalent combination of education and experience, or a Bachelor’s degree in computer science, information technology, or a related field is preferred.
- One or more professional certifications like CISA or CISSP (desirable)
- Professional certifications ISO 27001, ISO 9001 Lead Auditor, and Implementer
- Reasonable understanding of information security domains and possesses a well-rounded technical background. Basic knowledge of infrastructure and application security is essential.
- Experience working on GRC tools like Archer would be a significant advantage.
- Excellent communication and problem-solving skills and able to collaborate across global team.
- Demonstrated experience in managing complex projects related to information security.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard’s security policies and practices;

• Ensure the confidentiality and integrity of the information being accessed;

• Report any suspected information security violation or breach, and

• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

Experience Level

Mid Level