Job
Description
As a Risk Analyst in the Technology Regulatory Relations and Market Compliance (RRMC) organization at Mastercard, your role will involve being a part of a multi-disciplinary team that focuses on technology and security risk management practices. Your key responsibilities will include: - Assisting in the preparation and maintenance of a consolidated control framework - Supporting the preparation of a centralized inventory of security and technology risk management requirements and assurance expectations - Providing guidance to business owners in analyzing business and functional requirements resulting from regulations and customer contracts - Assessing the impact of business, market, and regulatory landscape changes on controls and practices - Supporting customer and regulatory examinations by providing accurate information, related documentation, and evidence - Assisting in completing customer and regulatory inquiries and requests for information - Preparing periodic customer and regulator meetings and reporting - Performing compliance monitoring and pre-audit readiness reviews - Collecting, sorting, and maintaining audit evidence repository and tracking open items to closure - Assisting with certification efforts such as SOC, ISO, PCI - Reviewing reports of related parties and tracking ecosystem compliance through System Audit Reports (SARs) and System Audit Questionnaires (SAQs) To excel in this role, you are expected to have: - A strong understanding of technology and cybersecurity risk management practices - Experience in handling regulatory and customer audits, conducting assessments, and understanding governance, risk, and compliance practices - Excellent communication and people management skills with stakeholder management experience - Ability to navigate ambiguity, cultural awareness, sensitivity, and collaboration with cross-regional teams - A team player mindset with a strong focus on business and operations - Knowledge of Risk and Control Framework standards such as NIST, ISO, PCI-DDS, SOC - Knowledge of laws, regulations, policies, and ethics related to cybersecurity and IT management (e.g., GDPR, FBA, CBA, PFMI) - Knowledge of Mastercard products, technology, security, and risk management programs and practices desired In addition, as part of your corporate security responsibility, it is expected that you: - Abide by Mastercard's security policies and practices - Ensure the confidentiality and integrity of the information being accessed - Report any suspected information security violation or breach - Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines Your work will play a crucial role in demonstrating how Mastercard complies with security and technology promises, commitments, and obligations to stakeholders. As a Risk Analyst in the Technology Regulatory Relations and Market Compliance (RRMC) organization at Mastercard, your role will involve being a part of a multi-disciplinary team that focuses on technology and security risk management practices. Your key responsibilities will include: - Assisting in the preparation and maintenance of a consolidated control framework - Supporting the preparation of a centralized inventory of security and technology risk management requirements and assurance expectations - Providing guidance to business owners in analyzing business and functional requirements resulting from regulations and customer contracts - Assessing the impact of business, market, and regulatory landscape changes on controls and practices - Supporting customer and regulatory examinations by providing accurate information, related documentation, and evidence - Assisting in completing customer and regulatory inquiries and requests for information - Preparing periodic customer and regulator meetings and reporting - Performing compliance monitoring and pre-audit readiness reviews - Collecting, sorting, and maintaining audit evidence repository and tracking open items to closure - Assisting with certification efforts such as SOC, ISO, PCI - Reviewing reports of related parties and tracking ecosystem compliance through System Audit Reports (SARs) and System Audit Questionnaires (SAQs) To excel in this role, you are expected to have: - A strong understanding of technology and cybersecurity risk management practices - Experience in handling regulatory and customer audits, conducting assessments, and understanding governance, risk, and compliance practices - Excellent communication and people management skills with stakeholder management experience - Ability to navigate ambiguity, cultural awareness, sensitivity, and collaboration with cross-regional teams - A team player mindset with a strong focus on business and operations - Knowledge of Risk and Control Framework standards such as NIST, ISO, PCI-DDS, SOC - Knowledge of laws, regulations, policies, and ethics related to cybersecurity and IT management (e.g., GDPR, FBA, CBA, PFMI) - Knowledge of
