Our Purpose
We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.
Title and Summary
Risk Manager (Technology Operations)
Who is Mastercard?
Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential.
Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all.
Overview
Mastercard Payment Services (MPS) provides critical services to Danish and Norwegian national payment infrastructure. We are in the process of transitioning from legacy infrastructure to a Mastercard infrastructure including shared services. During the integration period and beyond, the second line Risk Management Team will have a critical role managing and supporting the risk process.
The Nordic Team of Enterprise Risk Management is looking for a Manager, Risk Management who will have responsibility for championing Technology Operations and resilience risk management practices both internally, at a senior management level and externally with all applicable customers.
About the position
Based in Oslo or Copenhagen and reporting to the 2nd line Risk VP in Oslo, this role offers an exciting opportunity to join the Mastercard Risk Team supporting MPS in the Nordic region.
We are seeking a candidate with technology operations and preferably risk management experience to join our 2nd line risk team. This role is key to strengthening our operational infrastructure, defending against technological disruptions, and managing risks that may impact the service to our customers. Collaborating with business risk owners, the 1st line risk team, Tech Risk Management (TRM), Biz Ops, and Engineering teams, the incumbent will ensure robust governance frameworks are in place to assess, monitor, and mitigate operational risks effectively. This involves actively engaging with stakeholders to validate risk assessments, challenge assumptions, and enforce compliance with established policies and procedures. Additionally, the incumbent will contribute to the development and enhancement of governance structures to foster a culture of risk awareness and accountability across the organization
Responsibilities include the following:
• Partner with Mastercard global Technology Risk Management, BizOps, Engineering, Enterprise Resilience and Corporate Security teams for all risk related activity to ensure alignment on risk management methodology and practices
• Conduct independent assessments of the first line's internal controls, scrutinizing their design and effectiveness to identify deficiencies, deviations, and compliance gaps, while providing constructive challenge and recommendations for enhancement
• Contribute to developing and update risk and control policy and process documentation
• Liaise with and support the risk and control owners to resolve any questions, queries and problems relating to operational, technology and information security risks
• Provide risk briefings to management ensuring risks, issues and appetite breaches are monitored and escalated where necessary
• Work with control owners to collect security and operational metrics required for management reports and dashboards
• Collaborate with BISOs as a cyber risk expert, to assist then to identify, assess, and manage cyber risks within their respective lines of business
• Developing and providing training and communications to reinforce and embed key requirements
All About You:
• 2-3 years of experience in risk management, business/technology operations or information/cyber security, or a related field
• Experience of working in a complex (preferably global) regulated payments or financial services organization with hands on participation in technology risk assessment and mitigation methodologies.
• Practical experience with information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32
• Ability to assess technology controls, vulnerabilities, and potential risks, issues and risk events
• Knowledge of IT Service Managemetn diciplines, cybersecurity principles, best practices, and the threat landscape
• Experience in handling regulatory, customer and internal audits, conducting assessments and good understanding of governance, risk and compliance practices
• Excellent communication skills with both technical and non-technical stakeholders
• Ability to develop trusted relationships with peers and senior stakeholders
• Ability to articulate themselves clearly and concisely to a broad range of senior and junior stakeholders, acting as a bridge as well as guide for the implementation of new capabilities
• Strong influencing skills; organizationally savvy
• Problem solving – excellent analysis and deductive skills
• Customer focus – passion for excellence
• Highly motivated and conscientious individual
• Fluent in English
Qualifications (preferred but not required):
• Bachelor’s degree in Information Technology, Computer Science, or a related field
• Professional Certification or Designation (e.g., CISA, CISM, CISSP, or equivalent)
Join Us
If you are passionate about Technology, Operational and Security risk management and ready to make a meaningful impact in safeguarding the operations our of managed services and software sales services, we invite you to join our dynamic team. Apply now to be part of our mission to ensure the stability, security, and resilience of our payment systems and services.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
Abide by Mastercard’s security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.