Mastercard Jobs

Job Information

MasterCard Counsel, Privacy Compliance, Privacy and Data Protection in Amsterdam, Netherlands

Our Purpose

We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion ( for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.

Job Title

Counsel, Privacy Compliance, Privacy and Data Protection

Counsel, Privacy Compliance, Privacy and Data Protection

Mastercard is committed to balancing innovation while protecting individual privacy and has embraced privacy and data protection as core to the successful execution of its business strategy. As part of that commitment Mastercard has established a world-class privacy program and is currently adding talent to its global team.

The Counsel, Privacy Compliance, Privacy and Data Protection, will be responsible for compliance with privacy, data and cyber laws and the assessment, remediation and management of risk associated with third-parties, including ensuring that third-party risks are appropriately identified and escalated within the organization.

The position and will be a key contributor to the success of Mastercard’s Global Privacy Program and will ensure privacy and data protection law and our policies, standards and procedures are appropriately implemented and maintained

The Counsel, Privacy Compliance, Privacy and Data Protection will report to the Senior Counsel, Third-Party Risk Management (TPRM) and Privacy and Data Protection, and will be a member of the Global Privacy & Data Protection team as well as a member of the Law & Policy (L&P) team. The position partners with other risk, compliance and control functions.

The ideal candidate will have the ability to think and act both strategically and tactically while also having deep experience in and understanding compliance with privacy and data laws in the context of third-party service providers. This position will be based preferably in the US (Purchase, Miami, Seattle) or EU (Amsterdam).

Core Responsibilities:

The Counsel, Privacy Compliance, Privacy and Data Protection will support the design and maintenance and strategic direction of privacy and data related compliance and risk management processes for third-party service providers, building upon existing, comprehensive TPRM and Privacy and Data Protection programs in this regard. The role will advise and implement key privacy and data requirements and collect, analyze and validate key risks associated with third parties ensuring compliance with the company’s privacy risk appetite and demonstrating Mastercard’s best-in-class compliance with all relevant privacy and data laws globally. These laws include: Gramm Leach Bliley Act (GLBA), Federal Trade Commission (FTC) requirements and guidelines, the EU General Data Protection Regulation (“GDPR”), the California Consumer Protection Act (“CCPA”), the Canadian - Personal Information Protection and Electronic Documents Act (PIPEDA), the Singaporean Personal Data Protection Act, the Brazil General Data Protection Act (“GDPA”) among others. As such, this position will:

• Design processes to support third-party compliance, risk assessment and issue management in accordance with strict privacy and data laws and company policy and standard;

• Conduct privacy reviews adopting a risk-based approach; assist relevant business teams in identifying and implementing appropriate controls to mitigate any compliance gaps, document the findings and mitigating controls;

• Coordinate and align risk assessment processes and insights with third-party contractual negotiations;

• Assist with third-party contract negotiations, third-party reviews and audits, including aligning with the global privacy team and internal/external stakeholders;

• Partner and escalate key risks to internal stakeholders, develop reports and dashboards, and support record-keeping of risk management decisions;

• Support external privacy audits and responses to other external stakeholders; and,

• Work to standardize and automate privacy risk processes in close cooperation with the Privacy, third-party risk management and GBSC teams, including supporting privacy certification programs.

COVID-19 Considerations

In many locations, we’ve implemented a virtual hiring process and continue to interview candidates by video or phone. In addition, in our NYC offices, as required by law, only individuals who have been fully vaccinated against COVID-19 will be permitted inside Mastercard offices unless a reasonable accommodation has been approved in advance.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

  • Abide by Mastercard’s security policies and practices;

  • Ensure the confidentiality and integrity of the information being accessed;

  • Report any suspected information security violation or breach, and

  • Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

Requisition ID: R-178235