Job
Description
Dynamic Yield, a Mastercard company, is seeking a Director, Technology Risk Management to lead and build our strategy for designing and implementing assurance requirements. This role is crucial for meeting customer and regulatory expectations regarding security and availability risk and controls, primarily through assurance products like SOC 2 . You will coordinate and advise management to ensure all customer and regulatory obligations for the Payment Gateway Service are meticulously considered. This includes reviewing strategic plans, identifying necessary risks and controls per Mastercard policies, and designing relevant risk and control assessments. Key Responsibilities As Director, Technology Risk Management, you will: Strategy & Planning: Lead the development of strategy, objectives, and action plans for all assurance obligations. Stakeholder Engagement: Conduct multi-stakeholder meetings, participate in senior-level discussions, and engage with internal and external stakeholders and customers. Program Management: Plan and manage multiple initiatives and projects simultaneously. Business Acumen: Maintain a deep understanding of the business domain and assurance obligations to shape successful execution plans. Solution Simplification: Recognize complexity within the program and propose simplified solutions. Decision Support: Assist stakeholders in making trade-off decisions by considering all relevant data, including business goals, technical platform strategy, customer experience, and maintainability, with a relentless focus on the customer. Compliance & Regulation: Ensure ongoing compliance with statutory and regulatory requirements, anticipate future legislation, enforce adherence, and advise management on necessary actions. Risk Communication: Identify, collect, synthesize, and communicate risks and blockers concisely, accurately, and professionally to senior leadership to ensure alignment. Performance Metrics: Regularly define and review key success metrics for data-focused tracking and proactively seek out new and improved mechanisms for visibility, ensuring the program stays aligned with organizational objectives. Risk Assessment & Control: Conduct comprehensive risk assessments to identify potential security and availability risks, and advise on the design and governance of controls to mitigate these risks. About You Education: Bachelor's degree or an equivalent combination of education and experience is required. A degree in computer science, information technology, or a related field is preferred. Certifications: Professional certification like CISSP, CISA, CRISC, CIPP , or similar is a strong plus. Technical Knowledge: Strong knowledge of IT general computer controls and related operations. Control Frameworks: Experience with various control frameworks ( e.g., SOC1, SOC2, ISAE3402/3000, ISO27001, GDPR ). Communication: Strong interpersonal, communication, and presentation skills are necessary for effective interaction with business leaders and teams across all organizational levels. Negotiation: Strong negotiation and consensus-building skills. Process Improvement: Previous experience in significant process improvement projects, with a demonstrated ability to meet project deliverables. Cultural Competence: A commitment to contributing to a work environment that encourages knowledge of, respect for, and the development of skills to engage with individuals from diverse cultures and backgrounds.
