Director, Operational Risk and Controls Job Listing at Mastercard in Toronto, ON (Job ID R-248255)

Description

Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Director, Operational Risk and Controls Overview:

The Mastercard Risk team is looking for a Director of Operational Risk and Controls (ORC) to support the execution of our Operational Risk strategy, framework and program. This is a key role within the Risk Organization's Operational Risk and Controls team reporting to the SVP, Operational Risk and Controls. The ideal candidate will have operational risk and audit experience and has evaluated technology and non-technology risk events, loss events and issues within a large organization.

Role:

The Director of Operational Risk and Controls is responsible for executing against the strategic direction, application and optimization of the organization's operational risk and control framework on a global scale. This role partners with key stakeholders across the organization to ensure they identify, assess, and effectively manage operational risk associated with internal processes, risk events and key business services, all of which are foundational to Mastercard's ability to deliver on its strategic goals, corporate objectives and core values.

• Lead the Operational Risk and Controls Issue Management program in line with Issue Management Guidelines. Drive issue management program execution and alignment across the organization including the oversight of the issue management database, and the tracking, monitoring and reporting of issue remediation actions through to closure.
• Work with business owners to support Risk Event, Incident and Loss Event root cause analysis recommending appropriate remediation measures.
• Oversee the centralized tracking and management of risk events, loss events and near misses including related remediation activities through to closure in a centralized tool. Ensure activities are completed and/or report and escalate where necessary.
• Oversee the implementation of standards, guidelines and practice documents for issues, risk events, loss events and near misses ensuring annual reviews are performed
• Develop monthly reporting and dashboards for timely updates to management on risk events, issues and other areas of focus as requested. Drive robust reporting, dashboards, and data analysis understanding key trends and themes.
• Drive the preparation of the ORC Team's Annual Strategy Session Materials and other Executive and Senior Management Presentations and Reporting as requested
• Work with various teams to harmonize loss event, issues and other ORC program data across different GRC tools (e.g. Archer) and systems (salesforce, remedy etc.).
• Work with business owners and the ORC team to develop KRIs and KCIs where applicable. Perform monitoring, tracking and reporting of metrics and follow up on areas where metrics have been breached. Work with business owners on metric breaches to determine root cause and solutions
• Ensure proper validation and reperformance of controls occurs where warranted
• Work with business owners on Risk & Control Identification and Assessments in select areas of the taxonomy to identify areas of risk and appropriate controls to mitigate those risks
• Manage and support deliverables for regulatory and auditor requests. Serve as a control point in the ORC team for reviewing and assessing the evidence, before submitting it to Regulators and Auditors.
• Support the ORC team with ad hoc projects across the operational risk and control domains
• Stay current on risk management practices and external operational risk events
• Deliver on Operational Risk Management project plan milestones and initiatives to enhance and further embed the program within the organization
• Lead and oversee cohesive and centralized reporting of operational risk events, controls and mitigations for senior management updates
• Partner with the business on executing risk assessments (RCSAs) to identify and evaluate potential risks and vulnerabilities for targeted areas of importance and key areas of risk
• Drive continuous enhancements across the program including: process improvements, simplification projects, efficiencies, and automation in execution where possible
• Work with business owners to ensure proper monitoring and assessment of internal controls
• Support an enterprise-wide approach to incident management leveraging existing practices and contemplating best practices for a more efficient and effective process
• Provide guidance to business units on root cause of incidents and on implementing effective risk mitigation procedures.
• Foster a risk-aware business culture by delivering risk education and awareness
• Encourage a proactive approach to operational risk identification and management at all levels
• Engage with key stakeholders to ensure alignment and collaboration on operational risk initiatives and internal control reviews
• Establish procedures, reporting, metrics and dashboards on Operational Risk and Controls for reporting to senior management, the ERC and the Risk Committee of the Board
• Lead workshops and working groups on Operational Risk and Control initiatives

All About You:

• Significant prior relevant operational risk and controls experience
• Bachelor's Degree in finance, risk management, business, or a related field
• Professional Certifications preferred (e.g. CPA)
• Operational Risk and Information Technology (IT) Controls experience preferred
• Payments, Financial Services, or Big 4 Consulting expertise desired
• External Audit and/or Internal Audit technology and non-technology experience preferred
• Demonstrated ability to work collaboratively across departments
• Led efforts to identify, assess, and remediate operational risk events, loss events, and issues
• Demonstrated ability to effectively analyze root cause using robust root cause analysis practices
• Performed Risk Assessments, RCSAs and Control reviews in a large organization
• Working knowledge of GRC and Dashboarding tools (e.g. Archer, Open Pages, Power BI etc.) Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard's security policies and practices;

• Ensure the confidentiality and integrity of the information being accessed;

• Report any suspected information security violation or breach, and

• Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.

 Apply on company website