Lead Technology Risk Management - privacy

Contenuto del lavoro

Our PurposeWe work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.Title And SummaryLead Technology Risk Management - privacyOur PurposeWe work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.Job TitleLead Technology Risk Management - PrivacyJob Title: Lead Technology Risk Management – PrivacyJob location: Waterloo, Belgium or Copenhagen, DenmarkOverview: The Mastercard Technology Risk Team is looking for an Assurance Lead (manager alike level) to support and manage an assurance and controls program supporting various privacy and security requirements to meet customer and regulatory obligations for Mastercard within the European region. Focus will be on providing compliance support, monitoring, and reporting of the ongoing operating effectiveness of the internal control environment and working closely with application/product owners to document the flow of data at the application level. This role is a pivotal part of the Mastercard technology risk function and supports Mastercard’s commitment to balancing innovation while protecting the internal control posture. The team assesses internal controls to proactively identify risks, define remediation actions and track remediation efforts. We are looking for someone to join our team and help us meet these compliance goals. This person will be a technically savvy person (from an IT as well as a privacy perspective) who likes to solve issues and drive outcomes.The ideal candidate will have the ability to think and act both strategically and tactically while ensuring that the corporation remains compliant with required security, technology, and financial standards, as well as industry best practices.Responsibilities Support and manage assurance programs, engage with internal partners to help build control frameworks (including privacy and security controls) to ensure needs and expectations over services are met for various certifications (e.g., ISAE 3000, SOC2 and ISO27701) Engage with Mastercard Privacy team to ensure privacy principles are adequately addressed Engage with application owners to document data flows using Data Flow Diagrams Engage with the auditors to test the control framework to ensure objectives are met and risk is managed effectively Develop, plan and execute control assessments of various operational and business areas (including privacy and security controls) to assess potential risks or control gaps, by focusing on privacy compliance risks Track remediation internally and externally through to resolution to help improve design and operational effectiveness of controls Report formally on the results of assurance/certification objectives, controls, and risk assessments Help develop and maintain reports, metrics and presentations of progress and results for meetings with customers and regulators Develop and manage risk processes, including identifying and implementing best practices and ensuring all processes are documented, reviewed and updated regularly from a privacy perspective Manage internal control inquiries from both internal and external stakeholdersAbout You Demonstrated ability to operate with independence and autonomy Experience with control frameworks (e.g., SOC2, ISAE 3000, ISO27001 and ISO27701) Bachelor’s degree or equivalent combination of education and experience/Bachelor’s degree in computer science, information technology or related field preferred Strong interpersonal, communication and presentation skills necessary for interaction with business leaders and teams across all levels of the organization Professional certification like CISSP/CISA/CRISC/CIPP or similar, a plus Privacy related professional certification like Certified Information Privacy Manager (CIPM) or similar Contribute to work environment that encourages knowledge of, respect for, and the development of skills to engage with those of other cultures and backgrounds The ability to push back and challenge decisions Strong negotiation and consensus building skills Familiarity with the financial services industry and payment processing industry, a plus Familiarity with GDPR or privacy compliance requirements Familiarity with cloud services, a plusCorporate Security ResponsibilityAll Activities Involving Access To Mastercard Assets, Information, And Networks Comes With An Inherent Risk To The Organization And, Therefore, It Is Expected That Every Person Working For, Or On Behalf Of, Mastercard Is Responsible For Information Security And Must

• Abide by Mastercard’s security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

Corporate Security ResponsibilityAll Activities Involving Access To Mastercard Assets, Information, And Networks Comes With An Inherent Risk To The Organization And, Therefore, It Is Expected That Every Person Working For, Or On Behalf Of, Mastercard Is Responsible For Information Security And Must

• Abide by Mastercard’s security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.