Mastercard Jobs

Job Information

MasterCard Principal, Technology Risk Analyst in O'Fallon, Missouri

Our Purpose

We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion ( for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.

Job Title

Principal, Technology Risk Analyst


The Technology Risk Management team is looking for a Principal, Technology Risk Analyst to lead development of standard practices in the assessment of security controls supporting Mastercard’s Technology Policy. The ideal candidate is technically competent in risk practices and information security with a desire to identify opportunities to drive toward a goal of “assess once, apply many”. We are seeking a highly-motivated candidate for this key role which will drive delivery of 5 security frameworks over the next 5 years for Mastercard.


In this position, you will:

• Assist in development and support of control standards and implement industry security frameworks

• Analyze control strength and recommend improvements

• Ensure that controls map to appropriate standards and policies

• Assist and support the assessment and Mastercard’s certification in various industry standards

• Work with colleagues in business, technology, and policy domains to collect and enter data needed by risk management tools

• Lead the dissemination of reporting to customers across the company

• Support managers developing action plans addressing shortfalls in the control environment

• Play a key role in mapping policies and standards to control domains

• Proactively identify opportunities for improvements in assessment practices, policy documentation, and control implementation/testing

• Regularly update senior managers on the effectiveness of key tools and develop roadmaps for improvement

• Be familiar with ISO 27001, NIST Cybersecurity Framework, HiTrust, Cybersecurity Maturity Model, CRI, PCI.

• Assist in implementing technology, security, and risk standards and best practices that address software development, engineering, interoperability, data governance, and privacy principles.

• Mature security controls environment to support efficient application across multiple standards and frameworks.

All About You

The ideal candidate for this position should:

• Have sufficient knowledge and experience in information security and technology risk management to self-identify opportunities to integrate key tools into complex processes

• Quick learn the organizational structure and key players in a large-scale, dynamic technology company

• Consistently display a customer-service mindset, centered on actively seeking out needs that you can meet

• Be proficient at project management, and able to direct and control SOW teams

• Have the capacity and focus to collect and analyze data on control environments at a high level of detail and completeness

• Be comfortable interacting directly with management at all levels, articulate technical details with business acumen, and gain agreement on plans for improvement

COVID-19 Considerations

We value the safety of each member of our community because we know we’re all in this together. In many locations, which may change over time, we’ve implemented a virtual hiring process and continue to interview candidates by video or phone. In addition, in some locations, only individuals who have been fully vaccinated will be permitted inside Mastercard offices until further notice.

In the US, Mastercard is a government contractor, which may legally require most Mastercard employees to be vaccinated unless a verified approved medical or religious exemption is granted. Further, we are currently making every effort towards having employees return to work in the office 2 days per week, if that makes sense for their team. Everyone must be vaccinated to enter Mastercard offices at this time. Therefore, we expect all candidates to be vaccinated or to be approved for a medical or religious accommodation prior to commencing work at Mastercard.

In the US, Mastercard is an inclusive Equal Employment Opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. If you require accommodations or assistance to complete the online application process, please contact and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

  • Abide by Mastercard’s security policies and practices;

  • Ensure the confidentiality and integrity of the information being accessed;

  • Report any suspected information security violation or breach, and

  • Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

Requisition ID: R-158961