Director, Controls & Issue Advisory

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title And Summary Director, Controls & Issue Advisory

Director, Controls and Issues Advisory, Controls Office

Job Description Summary Who is Mastercard

Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realise their greatest potential.

Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all.

Vocalink Limited (a Mastercard Company) is a technology-driven payment company with a unique position within the UK domestic payments industry. The services Vocalink offers to its customers in the United Kingdom account for 90% of salaries paid, nearly all benefit payments, all cheques cleared and the majority of ATM transactions.

Overview This is an exciting opportunity to build and lead the Controls and Issues Advisory team within the Vocalink Controls Office function.

The Director, Controls and Issues Advisory role within the Controls Office leads the team that will ensure Vocalink Limited’s operations are compliant with relevant policies, procedures and regulations, while also identifying and addressing any control weakness or issues. This involves overseeing a team of colleagues who will be responsible for assessing and supporting the implementation of controls, monitoring their effectiveness and providing recommendations for improvement.

The team is dedicated to ensuring that Vocalink’s services remains robust, secure, and seamless for 60+million citizens every day – in numbers, that is 11 billion transactions every year with a value of over £6 trillion.

We are seeking an experienced and talented risk and controls leader to manage the continuous improvement of controls robustness, and to support the delivery of actions that are required to remediate identified issues.

The successful candidate is likely to have an understanding of key technology risk and information security related industry frameworks and supporting guidelines (e.g. ISO/IEC27001 and ISO/IEC27002, COBIT, ITIL, NIST).

The Vocalink Director, Controls and Issues Advisory, reports to the Head of Controls Office at Vocalink Limited.

The role holder will lead the Controls and Issues Advisory team to promote controls and issues management excellence, providing expert advice to maximise controls effectiveness and efficiency across Vocalink through various activities:

• Lead the team’s approach to analysing existing controls, identifying gaps and providing control and issue advice to 1LOD functions in line with Vocalink Limited’s Enterprise Risk Management Framework
• Review new and amended controls and issues to ensure fitness for purpose ahead of them being implemented, in line with agreed processes
• Drive the Controls Issue and Advisory team to deliver proactive support and constructive challenge to 1st line teams, to promote continuous improvement on controls and issues.
• Support the implementation of applicable procedures to enable effective 1LOD adoption of Vocalink’s control and Issue management policies and processes
• Manage and maintain the focused Controls Library domain(L1-L3) on behalf of Vocalink.
• Complete control effectiveness assessments to provide continuous assurance
• Provide issues triage, track and monitor issues management (including internal / external audits) and undertake closure validation
• Recommend and support the implementation of improvements to the control environment, including exploring control and control testing automation
• Develop and maintain strong, collaborative working relationships with stakeholders at all levels of the organisational hierarchy (function, entity and group).
• Develop and implement strategies to enhance the management of issues and controls across all first line teams.
• Participate in Risk and Control Self-Assessment (RCSA) processes to ensure required actions on controls and issues are identified and progressed.
• Work with 2nd line risk teams to collaboratively deliver continuous improvement across 1st line teams.
• Support the Head of Controls Office: Drive delivery of priorities requiring supports as required and deputise as appropriate, including in key senior committees (e.g. those related to operational resilience and corporate security).

Essential Knowledge Skills and Experience

A proven record of success as a risk and controls leader in a risk partnering or similar capacity

Significant experience in applying operational risk frameworks and risk assessment methodologies

A detailed understanding of internal controls frameworks

Experience of managing or playing a leading role in the RCSA process, ideally in a banking, financial services, IT or payments context.

Experience of working with any of the following disciplines, not necessarily in a financial services environment: Technology (e.g. Hardware and Software engineering), Operations (e.g. incident, change and problem management), Information Security (e.g SOC, vulnerability mgmt. etc), or Operational Resilience (e.g. Third-party management, scenario analysis etc)

Excellent written and verbal communication skills

The ability to engage, influence and challenge stakeholders at all levels of an organisation, highly effectively

Strong analytical, reporting and presentation skills

Ability to motivate, inspire and lead people effectively, both to deliver BAU and change.

Able to effectively prioritise the team’s workload

Ability to remain calm and focused when working under pressure

A proven record of driving robust and timely delivery of activities

Desirable

An understanding of key technology risk and information security related industry frameworks and supporting guidelines (e.g. ISO/IEC27001 and ISO/IEC27002, COBIT, ITIL, NIST) is highly desirable.

Experience of working across various lines of defence

Experienced across the key pillars of the Controls Office – Controls Governance, Controls Management, Controls Testing, Assurance, and Issues Management, preferably in a regulated firm.

Experience within Critical National Infrastructure responsible organisations

Corporate Security Responsibility All Activities Involving Access To Mastercard Assets, Information, And Networks Comes With An Inherent Risk To The Organization And, Therefore, It Is Expected That Every Person Working For, Or On Behalf Of, Mastercard Is Responsible For Information Security And Must:

• Abide by Mastercard’s security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.