MasterCard Senior Analyst, Corporate Security Risk Management in London, United States
Who is Mastercard?
We are the global technology company behind the worlds fastest payments processing network. We are a vehicle for commerce, a connection to financial systems for the previously excluded, a technology innovation lab, and the home of Priceless ®. We ensure every employee has the opportunity to be a part of something bigger and to change lives. We believe as our company grows, so should you. We believe in connecting everyone to endless, priceless possibilities.
Senior Analyst, Corporate Security Risk Management
The Risk Management team is responsible for establishing and maintaining the Corporate Security risk management program at Mastercard.
The program is intended to ensure the companys information assets and systems are managed in accordance with corporate security policies and standards, providing adequate protection of the environment.
The risk management team is the \"process owner\" for all security related risk assessments as well as the identification and tracking of discrete risks and policy exceptions.
A crucial element of the risk management team is working with enterprise risk management, operational risk management and corporate security leaders to document acceptable levels of residual risk as it relates to the security program and the controls implemented for the purposes of risk reduction.
Do you possess in-depth knowledge of risk management from the financial services sector?
Do you possess strong thought leadership? Are you an effective internal consultant?
Do you possess domain competencies in a number of IT risk-related disciplines, including security, business continuity, privacy and compliance?
Perform risk assessment activities, including the planning, testing, reporting and recommending of appropriate remediation measures.
Track and monitor risk mitigation and coordination of policy and controls to ensure that business partners are taking effective remediation steps.
Maintain up-to-date understanding of industry best practices and monitor the legal and regulatory environment for developments that could require changes to established IT policies and practices.
Work directly with teams from enterprise risk management, operational risk management and corporate security departments to facilitate IT risk analysis, identify acceptable levels of residual risk and establish roles and responsibilities related to risk reduction and closing of gaps.
Provide data analysis and strategy execution across risk areas, leveraging an understanding of risk and regulation
Supports cross-functional initiatives to deliver on risk goals, policies and procedures
Develops risk processes, including identifying and implementing best practices and ensuring all processes are documented, reviewed and updated regularly
Understand and support the Corporate Security risk strategies
All About You
Experience of working with broad range of standards, frameworks and methodologies for example, PCI-DSS, ISO2700 series, NIST (CSF, 800-53), CMMI and etc.
Experience of working with common risk management methodologies for example, ISO (27005/31000), NIST (800-30/800-37), COSO, FAIR.
Significant experience in performing risk management activities, with an ability to translate risk information/concerns in order to articulate key messages.
Experience delivering presentations and supporting messaging to senior leadership
At a minimum, intermediate level of expertise in IT risk management or a related discipline for example, security, privacy, business continuity management or compliance.
Education: Bachelor of Science, with a focus on IT or IT risk-related disciplines or equivalent experience.
Beneficial Professional Certifications:
CISSP - Certified Information Systems Security Professional
CRISC - Certified in Risk and Information Systems Controls
CRM - Certified Risk Manager
Mastercard is an inclusive Equal Employment Opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law.
Requisition ID: R-68988