Manager, Risk Management Framework

Our Purpose
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Title and Summary
Manager, Risk Management Framework
Manager, Risk Management Framework - Governance & Tooling
Who is Mastercard?
Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential.
Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all.
Overview
The Second Line Risk Management team is looking for a Manager, Risk Framework - Governance & Tooling who will have responsibility for supporting the design, implementation and maintenance of the Risk Management Framework (RMF) methodology, governance, policies and process documentation; and supporting, delivering, and governing the suite of technology, data, and analytical capabilities that enable effective risk management across selected Regulated Entities. This role ensures risk teams have modern, scalable, and integrated tools to identify, assess, monitor, and report risk.
Role• Under the leadership of VP Risk Management Frameworks, develop, maintain and continuously enhance the Risk Governance, Infrastructure, and Tools which support the overarching Risk Management Framework, including all related methodologies, policies and procedures, ensuring alignment with regulatory requirements, Mastercard Risk expectations, and industry good practice.• Support the development and maintenance of the plans that are required to support the Framework rollout, ensuring reporting remains up to date, effective and relevant.• Maintain, update, and govern the entity's risk policies, standards, and procedures, coordinating periodic policy reviews, stakeholder consultations, and approval processes.• Monitor adherence to risk policies and processes across 1LOD, support risk-related change initiatives, and contribute to risk assurance activities by providing required information, insight and explanation.• Design, document, and maintain end-to-end process maps, workflows, and procedural guides in a central repository for process documentation and ensuring version control.• Champion technology innovation within selected Regulated Entity Risk functions, identifying opportunities for automation, AI/ML enablement, workflow optimization, and improved risk insights. • Oversee the design, implementation, and continuous improvement of risk platforms-including GRC systems, risk dashboards, risk tools, and regulatory reporting systems in alignment with the Global risk tooling strategy. • Partner with selected Regulated Entities to collate, analyze, and document local entity and regulatory requirements, and translate them into clear, actionable, and testable functional/ technical requirements for GRC tool development teams.• Lead end-to-end implementation of GRC tools across selected Regulated Entities, including development of implementation roadmaps, execution plans, and cutover strategies from existing manual solutions.• Coordinate user access reviews and provide ad-hoc tooling support.• Establish governance for tooling changes, access controls, configuration management, release cycles, and end user support frameworks.• Oversee testing and validation activities, including UAT, to ensure all risk tooling meets regulatory expectations and entity-specific requirements relating to operational resilience, model governance, records retention, and data protection.• Act as a primary liaison between stakeholders, including executive leadership, risk management, compliance, technology, and software development teams, ensuring alignment on priorities, scope, and delivery timelines.• Coordinate and chair GRC Steering Committees (SteerCos), consolidating SME and GRC user requirements, prioritize requirements, tracking decisions and actions, and presenting program status, risks, and key developments to Executive Leadership.• Develop training materials for Governance and Risk Tooling, attend training events and help ensure that colleagues at all levels are performing their desired role as per the Risk Framework.• Support other activities in the Risk Framework Team as necessary.
All About You• Strong knowledge of risk management principles, including 3LoD, good risk governance, and financial services risk and compliance frameworks, standards and regulations. • Experience using key Risk Management tools such as IBM OpenPages, Archer, and reporting/BI tools (PowerBI, Tableau, Domo, Access). • Ability to use AI to enhance risk management activities, including accelerated insight generation and strengthened framework documentation.• High level of accuracy, attention to detail, and strong reporting and presentation capabilities, including advanced use of MS Word, Excel and PowerPoint. • Proven ability to self-start, prioritize, problem solve and work effectively under pressure. • Excellent communication skills and positive, professional behaviors aligned to company standards. • Strong team-working skills with the ability to build and maintain collaborative relationships.
Corporate Security Responsibility
Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must:• Abide by Mastercard's security policies and practices;• Ensure the confidentiality and integrity of the information being accessed;• Report any suspected information security violation or breach, and • Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard's security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.