Risk Management Manager

About the role

Mastercard is seeking a Risk Management Manager to lead security control assessment within its Corporate Security organization. The role sits in the 1st Line of Defense, coordinating with security, risk, and product teams to ensure robust control environments.

Key responsibilities

• Execute design and operating effectiveness testing of security controls across domains such as access management, vulnerability management, logging/monitoring, encryption, and incident response.
• Review and evaluate evidence submitted by control owners, rate effectiveness, and document findings.
• Develop and refine control testing plans, drive standardization, automation, and reporting to provide visibility for management and regulators.
• Partner with control owners and security engineers to remediate gaps, set target dates, and escalate high‑risk issues.
• Maintain compliance with regulatory frameworks including PCI DSS, SOC 1, SOC 2, and ISO 27001.

Required profile

• Proven experience in security risk assessment and control testing within a large enterprise.
• Strong understanding of security frameworks and regulatory requirements.
• Ability to work cross‑functionally with technical and business stakeholders.
• Analytical mindset with attention to detail and strong documentation skills.

Required skills

• Security control testing
• Access management
• Vulnerability management
• Logging/monitoring
• Encryption
• Incident response
• PCI DSS
• SOC 1
• SOC 2
• ISO 27001