Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Director, Risk Management Resilience

About RTP International

Real-Time Payments International (RTP INT) is an operating program under the Core Payments model and an operating entity for six current international real-time ‘live service’ markets as part of the overall Mastercard RTP portfolio. The services, whilst stated as RTP, also cover other products and these include Real Time payments, Bulk and Batch (BPS), Data Feed Manager (DFM), Proxy Database Services (PDS) and various User Interface solutions (UI). The market countries are a mix of four software supplied sales and 2 managed service hubs:

•\tBancNet - Philippines (IPS)
•\tCCE – Peru (IPS and BPS)
•\tITMX – Thailand (IPS)
•\tBCS – Singapore (IPS)
•\tSaudi Payments (IPS and BPS)
•\tTCH – USA (IPS)

About the position

Based in Lima and reporting to the 2nd line Risk VP in New York, this role offers an exciting opportunity to join the Mastercard Risk Team supporting RTP INT in the Americas region and beyond.

We are seeking a candidate with information security and preferably risk management experience to join our 2nd line risk team. This role is key to strengthening our infrastructure's security, defending against cyber threats, and managing risks that may disrupt our customer services. Collaborating with business risk owners, the 1st line risk team, Tech Risk Management (TRM), Biz Ops, and Engineering teams to ensure robust governance frameworks are in place to assess, monitor, and mitigate risks effectively. This involves actively engaging with stakeholders to validate risk assessments, challenge assumptions, and enforce compliance with established policies and procedures. Additionally, the incumbent will contribute to the development and enhancement of governance structures to foster a culture of risk awareness and accountability across the organization.

Responsibilities include the following:

•\tPartner with Mastercard global Technology Risk Management and Information Security teams for all risk related activity to ensure alignment on risk management methodology and practices
•\tConduct independent assessments of the first line's internal controls, scrutinizing their design and effectiveness to identify deficiencies, deviations, and compliance gaps, while providing constructive challenge and recommendations for enhancement
•\tDevelop and update risk and control policy and process documentation
•\tLiaise with and support the risk and control owners to resolve any questions, queries and problems relating to information security risks
•\tProvide risk briefings to management ensuring risks, issues and appetite breaches are monitored and escalated where necessary
•\tWork with control owners to collect security and operational metrics required for management reports and dashboards
•\tCollaborate with BISOs as a cyber risk expert, to assist then to identify, assess, and manage cyber risks within their respective lines of business
•\tDeveloping and providing training and communications to reinforce and embed key requirements


All About You

•\t2-5 years of experience in risk management, information/cyber security, or a related field
•\tExperience of working in a complex (preferably global) regulated payments or financial services organization with hands on participation in technology risk assessment and mitigation methodologies.
•\tPractical experience with information security standards and risk assessment frameworks such as CRI, ISO 27001, SOC 2, NIST 800-32
•\tAbility to assess technology controls, vulnerabilities, and potential risks, issues and risk events
•\tKnowledge of cybersecurity principles, best practices, and the threat landscape
•\tExperience in handling regulatory, customer and internal audits, conducting assessments and good understanding of governance, risk and compliance practices
•\tExcellent communication skills with both technical and non-technical stakeholders
•\tAbility to develop trusted relationships with peers and senior stakeholders
•\tAbility to articulate themselves clearly and concisely to a broad range of senior and junior stakeholders, acting as a bridge as well as guide for the implementation of new capabilities
•\tStrong influencing skills; organizationally savvy
•\tProblem solving – excellent analysis and deductive skills
•\tCustomer focus – passion for excellence
•\tHighly motivated and conscientious individual
•\tFluent in English


Qualifications (preferred but not required)

•\tBachelor’s degree in Information Technology, Computer Science, or a related field
•\tProfessional Certification or Designation (e.g., CISA, CISM, CISSP, or equivalent)


Join Us

If you are passionate about security risk management and ready to make a meaningful impact in safeguarding the operations our of managed services and software sales services, we invite you to join our dynamic team. Apply now to be part of our mission to ensure the stability, security, and resilience of our payment systems and services.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

Abide by Mastercard’s security policies and practices;

Ensure the confidentiality and integrity of the information being accessed;

Report any suspected information security violation or breach, and

Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.