Director, Technology Risk Management Job Listing at Mastercard in O'Fallon, MO (Job ID R-254736)

Description

Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Director, Technology Risk Management The mission of the PCI program at Mastercard is to protect our security posture. The PCI team ensures that all of our applications and platforms that involve payments and payment data are PCI compliant and certified to PCI- DSS (Data Security Standards) as well as other PCI standards where applicable.
We are looking for someone to join our team to help us drive and meet these compliance goals. This person will be a technically savvy person who likes to solve issues and drive outcomes.

Responsibilities include:
• Support the development of efficiencies that new work-flow processes to ensure scalability and sustainability of the program
• Partner with other MasterCard standard and compliance initiatives such as ISO, SOC1 to ensure consistency, cross standard efficiencies
• Support external Audits such as FBA, Bank of India, GBLA, SWIFT
• Work on day to day management of internal PCI Program processes and standard operating procedures
• Lead certification efforts that are not DSS: PIN, 3DS, TSP, P2PE etc.
• Representing PCI in long term technical projects that were identified through the PCI process to ensure compliance with standards e.g. Mainframe encryption
• Communicate security risks and gaps as related to or identified by PCI to stakeholders and executive management
• Drive the identification of thematic and enterprise issues and provide visibility in appropriate forums
• Develop and manage key metrics
• Provide PCI guidance on inquiries for new products and technologies

Knowledge of:
• PCI standards and requirements
• Latest information security protocols and standards
• Mastercard environments—physical and cloud
• Security controls, especially those that impact PCI (encryption, access, vulnerability testing etc.)
• Security prevention and detection systems and other security event management systems
• Data structures and classifications

Ability to:
• Review security architecture of applications and determine PCI relevance
• Employ strong research skills and problem-solving skills
• Apply PCI standards to new and existing technologies
• Identify and evaluate security gaps
• Communicate business risk to stakeholders
• Understand security findings (scanning/Pen test) and assess remediation strategies
• Evaluate compensating controls
• Conduct or facilitate meaningful meetings
• Work in slightly chaotic, rapidly growing environment
• Must have the ability to confidently and quickly make a decision is the hustle-bustle environment
• Work both independently and as part of a very cohesive team Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard's security policies and practices;

• Ensure the confidentiality and integrity of the information being accessed;

• Report any suspected information security violation or breach, and

• Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.

In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary and may be eligible for an annual bonus or commissions depending on the role. The base salary offered may vary depending on multiple factors, including but not limited to location, job-related knowledge, skills, and experience. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance); flexible spending account and health savings account; paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave); 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days, pro-rated based on date of hire; 10 annual paid U.S. observed holidays; 401k with a best-in-class company match; deferred compensation for eligible roles; fitness reimbursement or on-site fitness facilities; eligibility for tuition reimbursement; and many more.

Pay Ranges

O'Fallon, Missouri: $128,000 - $198,000 USD

 Apply on company website