Our Purpose
We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.
Title and Summary
Risk Manager (Resilience)
Who is Mastercard?
Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential.
Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all.
About RTP International
Real Time Payments International (RTP INT) is an operating programme under the Mastercard Core Payments model and an operating entity for six current international real time ‘live service’ markets as part of the overall Mastercard RTP portfolio. The services, whilst stated as RTP, also cover other products and these include Real Time payments, Bulk and Batch (BPS), Data Feed Manager (DFM), Proxy Database Services (PDS) and various User Interface solutions (UI). The market countries are a mix of four software supplied sales and 2 managed service hubs.
About the position
This position is based in Manila at Mastercard’s office with interaction, and possible travel to customer offices also located in Metro Manila. Reporting to the 2nd line Risk Director in London, you will be collaborating with colleagues across Regional and Global teams. This role offers an exciting opportunity to join the Mastercard Risk Team supporting RTP INT in the APAC region.
We seek a candidate with operational resilience and preferably risk management experience in the payments or financial services industry. This role is pivotal in ensuring the operational resilience of our infrastructure, guarding against disruptions/incidents, and mitigating risks impacting our customers' services. Working closely with Biz Ops and Engineering teams, the candidate will proactively monitor and manage technology risks to protect Mastercard and its customers.
The incumbent will collaborate with business risk owners, the 1st line risk team, Tech Risk Management (TRM), Biz Ops, and Engineering teams to establish robust governance frameworks for assessing, monitoring, and mitigating risks effectively. This involves engaging stakeholders to validate risk assessments, challenge assumptions, and enforce compliance with established policies and procedures. Additionally, they will contribute to enhancing governance structures to cultivate a culture of risk awareness and accountability across the organization.
Responsibilities include the following:
• Partner with Mastercard Global Technology Risk Management, Regional Technology, Local technology (i.e. Service Management) and Biz Ops teams for all risk-related activity to ensure alignment on risk management methodology and practices
• Conduct independent assessments of the first line's internal controls, scrutinizing their design and effectiveness to identify deficiencies, deviations, and compliance gaps, while providing constructive challenges and recommendations for enhancement
• Develop and update risk and control process documentation
• Liaise with and support the risk and control owners to resolve any questions, queries, and problems relating to technology risks
• Provide risk briefings to the management ensuring risks, issues, and appetite breaches are monitored and escalated thoughtfully
• Work with control owners to collect security and operational metrics required for management reports and dashboards
• Coordinate internal and external audits including but not limited to gathering, reviewing, and storing evidence, scheduling meetings with stakeholders, and liaising with internal control owners and the external auditors to ensure smooth completion of the audits
• Ensuring the resilience and effectiveness of our services, with strong internal partner management and external relationship management of key vendors
• Collaborate with internal and external partners, ensuring that appropriate frameworks are in place with third parties to mitigate risks and deliver maximum value
• Provide input to scenario testing, running pilots, and designing templates for vulnerabilities
• Developing and providing training and communications to reinforce and embed key requirements
• Identify and evaluate resilience solutions against a range of criteria to find the ones that best meet business needs
• Compliance and Reporting:
o Stay up to date on relevant regulations and industry standards related to risk management and business continuity
o Ensure compliance with regulatory requirements and internal policies related to risk management
o Prepare and present regular reports on risk assessment findings, mitigation efforts, and the overall resilience of the organization to senior management
• Business Continuity Planning:
o Develop and maintain business continuity plans to ensure the organization can continue critical operations in the event of a disruption
o Work with cross-functional teams to identify key business processes and develop strategies to minimize downtime and mitigate the impact of disruptions
o Conduct regular testing and exercises of business continuity plans to ensure effectiveness and identify areas for improvement
All About You
• 2-3 years of experience in risk management, business continuity planning, or a related field
• Relevant experience of working in a complex (preferably global) stakeholder environment that includes complex customers and regulators (both local and regional)
• Experience working in regulated payments and financial services
• Ability to assess technology controls, vulnerabilities, and potential risks
• Experience in handling regulatory and customer audits, conducting assessments, and a good understanding of governance, risk, and compliance practices
• Effective communication and interpersonal skills, with the ability to collaborate with stakeholders at all levels of the organization
• Ability to develop trusted relationships with peers and senior stakeholders
• A strong understanding of risk strategy and frameworks with an ability to identify, articulate and manage risks as well as the wider evolving regulatory landscape for resilience
• Strong time management and organizational skills
• Experience conducting risk assessments, developing business continuity plans, and leading response efforts during emergencies or disruptions
• Previous exposure to Linux and/or Windows Operating Systems, coding languages, and/or Networks
• Ability to articulate themselves clearly and concisely to a broad range of senior and junior stakeholders.
• Strong influencing skills; organizationally savvy
• Excellent analytical and problem-solving skills, with the ability to assess complex situations and make sound decisions under pressure
Join Us
If you are passionate about operational resilience risk management and ready to make a meaningful impact in safeguarding the operations our of managed services and software sales services, we invite you to join our dynamic team. Apply now to be part of our mission to ensure the stability, security, and resilience of our payment systems and services.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
-
Abide by Mastercard’s security policies and practices;
-
Ensure the confidentiality and integrity of the information being accessed;
-
Report any suspected information security violation or breach, and
-
Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.
What We Do
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Why Work With Us
As a global technology company in the payments space, we are looking for change makers who are committed to doing well by doing good. We offer a wide variety of opportunities for passionate individuals who want a growing career with impact.