Lead Technology Risk Analyst – Security Standards and Risk Forums

Our Purpose

We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion (https://www.mastercard.us/en-us/vision/who-we-are/diversity-inclusion.html) for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.

Job Title

Lead Technology Risk Analyst – Security Standards and Risk Forums


The Technology Risk Management (TRM) organization is a business enabler and industry leader of technology and security risk management practices, supported by a multi-disciplinary team of top security, technology, and risk professionals. Our mission is to exceed stakeholder expectations by providing enhanced visibility and proactive management of technology risks and ensuring strong security and sound operational environment.

The Risk Governance & Operations (RG&O) team within TRM is looking for a Lead Technology Risk Analyst – Technology Standards and Risk Forums to support programs and practices that enable Mastercard to meet applicable requirements and regulations regarding technology standards governance and risk forums management, across all technology domains other than information security. The ideal candidate is a strong program manager, well-versed in technology risk governance, highly motivated, intellectually curious, and able to work with a diverse and senior stakeholder group to ensure that Mastercard’s technology standards and risk forums meet all relevant stakeholder requirements and are demonstrably best-in-class.


Support the management of the company’s portfolio of technology policies and standards, across all domains other than information security; ensure that the standards governance program evolves as stakeholder needs, industry best practices, and technology capabilities change over time; and be a thought leader and subject matter resource on technology standards governance and management.

Work closely with the owners of each technology policy or standard to ensure that the standards are complete, current, clear, and compliant with all relevant internal and external requirements (e.g., regulatory expectations, industry framework best practices); facilitate both regular and ad-hoc reviews and updates of the various policies and standards according to the cadence established by TRM management.

Partner with owners of other policies and standards which, although not owned by Mastercard Operations & Technology, have implications for the company’s technology practices, to ensure that such standards are aligned with the technology and standard portfolio and all governance requirements.

Coordinate with the owners of each policy or standard, along with relevant communications, training, and compliance teams, to ensure that new or modified standards are appropriately communicated to all impacted stakeholders, and that an appropriate compliance program is in place to monitor adherence to all standards in effect.

Negotiate changes in policy and standards among teams with competing interests and drive consensus.

Coordinate with Stakeholder Assurance and other partners as needed to “tell the story” regarding Mastercard’s approach to technology policy and standard governance as needed in support of customer, regulatory, and internal audits, examinations, or reviews.

Support the management and administration of the quarterly Technology Risk Committee (TRC) risk forum (and any other risk forums that may be developed or incorporated into the scope of this team), ensuring that agendas are aligned with other risk forums and relevant internal review cadences, participants are briefed on agendas and relevant supporting documents well in advance of forum meetings, and all action items are tracked and completed as committed during form meetings.

All About You

The ideal candidate for this role will:

Be a strong program management professional with significant experience in technology risk management / governance program administration.

Be well-versed in current industry practices, regulatory expectations, and emerging trends regarding technology governance and policy / standards portfolio management. Financial services sector / payments industry experience highly desired.

Have excellent written and verbal communication skills, including technical writing.

Know how to manage stakeholder relationships and navigate scenarios in which divergent stakeholder viewpoints and requirements may exist, and sometimes may appear to conflict.

Embrace The Mastercard Way – our culture of relentless focus on our customers (both internal and external) through ownership and empowerment, simplification, thoughtful risk-taking, and delivering with speed and agility.

Have a degree in the management of technology risk, operational riskinformation security, or information technology; or a similar / related discipline.

Be familiar with the Archer GRC platform.

Ideally, have a strong knowledge of Mastercard’s products and technologies, as well as the company’s broader risk management practices and capabilities.

COVID-19 Considerations

We value the safety of each member of our community because we know we’re all in this together. In many locations, which may change over time, we’ve implemented a virtual hiring process and continue to interview candidates by video or phone. In addition, in some locations, only individuals who have been fully vaccinated will be permitted inside Mastercard offices until further notice.

In the US, Mastercard is a government contractor, which may legally require most Mastercard employees to be vaccinated unless a verified approved medical or religious exemption is granted. Further, we are currently making every effort towards having employees return to work in the office 2 days per week, if that makes sense for their team. Everyone must be vaccinated to enter Mastercard offices at this time. Therefore, we expect all candidates to be vaccinated or to be approved for a medical or religious accommodation prior to commencing work at Mastercard.

In the US, Mastercard is an inclusive Equal Employment Opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. If you require accommodations or assistance to complete the online application process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

  • Abide by Mastercard’s security policies and practices;
  • Ensure the confidentiality and integrity of the information being accessed;
  • Report any suspected information security violation or breach, and
  • Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

Requisition ID: R-160492

More Information

Apply for this job

Leave your thoughts

Share this job