Our Purpose
We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.
Title and Summary
Technology Audit ManagerOverview
The Internal Audit department is looking for an IT Audit Manager to provide independent and objective assurance and advisory services to assess and enhance the effectiveness and efficiency of Mastercard’s governance, risk management and internal control processes. This position will be responsible for assisting in planning and executing global IT and operational audits and supporting the department’s integrated risk assessment and plan development.
Role
• Understand the business and technology environment; partner with stakeholders to provide relationship management of the associated risk and control environment
• Maintain the audit universe, contribute to the annual risk assessment process and the development of the annual audit plan
• Deliver on time, high quality audits, reviews, and advisory projects, with participation in all phases: planning/scoping, fieldwork, and reporting
• Evaluate compliance against legal, regulatory, policy and procedural requirements, and industry frameworks
• Assess design and operating effectiveness of controls through inquiry, observation, and inspection testing
• Identify, draft, and vet issues with business partners, accounting for impact, root cause, and risk severity
• Work with issue owners to drive the development of sustainable actions to remediate issues; regularly monitor issue progress and validate closure
• Provide credible challenge to stakeholders in all areas of audit coverage
All About You
• Experience as a Technology Risk Management professional (first/second line of defense, internal / external audit) or equivalent experience in a large, regulated organization with exposure to both infrastructure and applications
• Extensive experience designing and optimizing policies, practices and procedures, including audit methodology, requirements, templates and tools
• Experience implementing corporate governance, risk and compliance programs as well as developing relationships with external regulatory bodies
• Experience performing SOX testing of internal controls over financial reporting
• Knowledge of IT general computer controls, Information Security controls, and related processes and frameworks (i.e. NIST, COBIT, COSO, ISO, etc.)
• Knowledge of third-party assurance reporting and frameworks (SOC, ISAE3000)
• Experience covering Mainframe, UNIX/Linux, HP Nonstop, and Windows environments
• Payments and digital commerce/e-commerce knowledge and experience is a plus
• Self-starter with ability to work independently and in a team setting
• Excellent written and verbal communication skills (in English, additional languages are a plus)
• Professional Certification or Designation (e.g., CA, CPA, CISA, CIA, CFE, JD or equivalent))
• Ability to handle multiple tasks and consistently meet established deadlines
• Travel up to 10%
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
Abide by Mastercard’s security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.
