Senior Analyst, Technology Risk
RiskRecon
IT
Toronto, ON, Canada
Posted on Oct 22, 2024
Job Title:
Senior Analyst, Technology RiskOverview:
OverviewThe Risk Management team is responsible for establishing and maintaining the Corporate Security risk management program at MasterCard.The program is intended to ensure the company's information assets and systems are managed in accordance with corporate security policies and standards, providing adequate protection of the environment. The risk management team is the 'process owner' for all security related risk assessments as well as the identification and tracking of discrete risks and policy exceptions. A crucial element of the risk management team is working with enterprise risk management, operational risk management and corporate security leaders to document acceptable levels of residual risk as it relates to the security program and the controls implemented for the purposes of risk reduction.
Role
*Perform risk assessment activities, including the planning, testing, reporting and recommending of appropriate remediation measures.
*Track and monitor risk mitigation and coordination of policy and controls to ensure that business partners are taking effective remediation steps.
*Maintain up-to-date understanding of industry best practices and monitor the legal and regulatory environment for developments that could require changes to established IT policies and practices.
*Work directly with teams from enterprise risk management, operational risk management and corporate security departments to facilitate IT risk analysis, identify acceptable levels of residual risk and establish roles and responsibilities related to risk reduction and closing of gaps.
*Provide data analysis and strategy execution across risk areas, leveraging an understanding of risk and regulation.
*Support cross-functional initiatives to deliver on risk goals, policies and procedures.
*Develop risk processes, including identifying and implementing best practices and ensuring all processes are documented, reviewed and updated regularly.
*Understand and support the Corporate Security risk strategies.