Mastercard

Our Purpose

We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.

Title and Summary

Senior Auditor

Who is Mastercard?

Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential.

Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all.

Overview

The Internal Audit Department provides independent and objective assurance and advisory services to assess and enhance the effectiveness and efficiency of Mastercard’s governance, risk management and internal control processes. This position will be responsible for planning and executing global IT and operational audits and supporting the department’s integrated risk assessment and plan development.

Role:

• Understand the business and technology environment; effectively partner with stakeholders to understand associated risk and control environment
• Contribute to the annual risk assessment process and the development of the annual audit plan
• Deliver on time, high quality testing/audits, reviews, and advisory projects, with participation in all phases: planning/scoping, fieldwork, and reporting
• Evaluate compliance against legal, regulatory, policy and procedural requirements, and industry frameworks and best practices
• Assess design and operating effectiveness of controls through inquiry, observation, and inspection testing
• Identify, draft, and vet issues with business partners, accounting for impact, root cause, and risk severity
• Work with issue owners to drive the development of sustainable actions to remediate issues; regularly monitor issue progress and validate closure
• Provide credible challenge to stakeholders in all areas of audit coverage

All About You:

• Technology or Technology Risk Management professional (first/second line of defense, internal / external audit) or equivalent experience or exposure to both infrastructure and applications
• Knowledge of IT general computer controls, Information Security controls, and related processes and frameworks (i.e. NIST, COBIT, COSO, ISO)
• Knowledge of third party assurance reporting and frameworks (SOC, ISAE3000) is a plus
• Exposure to multiple computing environments (i.e. Mainframe, UNIX/Linux, HP Nonstop, Windows)
• Exposure and/or experience related to payments-related products and services, Open Banking, Data Management, and Artificial Intelligence is a plus
• Professional credentials (e.g., CIA, CISA, CISSP, or equivalent) are a plus
• Self-starter with ability to work independently and in a team setting
• Ability to handle multiple tasks and consistently meet established deadlines
• Strong communication skills in English (spoken and written)
• Travel up to 20%

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard’s security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.