Our Purpose
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Title and Summary
Director, Legal Compliance and Risk
Who is Mastercard?
Mastercard (“MA”, “Company”) is a global technology company in the payments sector. We power payments and provide products and services for individuals and industries all around the world. Our people, technology, data and brand provide the capabilities that drive our success. We believe in connecting people to priceless possibilities.
As a company, we know that our success is driven by the skills, experience, integrity and mindset of the talent we hire. By building an inclusive, world-class culture, our employees have once-in-a-career opportunities to be part of teams that have a greater impact on our community and our world. We invite you to join our team to find out how you too can start something priceless.
Overview:
The Mastercard Supervision & Controls (S&C) team is looking for a Director, Legal Compliance and Risk (2nd Line) who will an active participant of the Supervision & Controls team for Recorded Future and provide support on the execution of risk mitigants. The role will engage with senior leaders in the business and second line functions (both at Recorded Future and at Mastercard) to ensure identified risks are appropriately mitigated, and that any potential new risks are identified and managed proactively.
Role:
The Director, Legal Compliance and Risk will be responsible for:
Monitoring Adherence to Business Mitigation Controls:
Oversee and ensure strict adherence to established business mitigation controls and related processes for Recorded Future and Mastercard.
Track, manage and monitor the documentation of controls and risk mitigation plans in a centralized repository. Facilitate reporting, updates, and any escalations as needed.
Validate the execution of risk mitigation plans identified as part of the Risk Register and the Intercompany agreement.
Administer and monitor access controls for new joiners, movers, and leavers, including flagging employees to ensure appropriate access is granted.
Review access to applications with Recorded Future data and monitor data inputs to ensure adherence to data controls.
Respond to breaches of controls or compliance, escalating incidents as necessary to ensure timely and effective resolution.
Develop and deliver training initiatives focused on business mitigation controls for both Recorded Future and Mastercard staff, increasing awareness and understanding of compliance requirements.
Test the design and operating effectiveness of business mitigation controls using a risk-based control testing approach.
Monitor Legal and Regulatory controls and compliance with applicable requirements/controls:
Deliver reporting on Recorded Future’s compliance with applicable legal and regulatory requirements including sanctions, anti-money laundering, and FCPA.
Provide regular reporting to senior leadership on the progress of the mitigation of Top Risks.
Collaborate on intercompany agreement (ICA) updates to ensure that it is up to date and reflects the current business operations and controls for Recorded Future.
Coordinate on US government contracting obligations with assigned individuals.
Validate that product legal checkpoints are occurring related to various legal risks for synergy products.
Monitor Risk Policies and Processes:
Continuously monitor Recorded Future’s compliance with risk policies and processes, ensuring that policies have been adopted appropriately.
Provide Risk and Legal Compliance reporting as needed, including reviewing the reports to ensure that only the necessary and appropriate data is included.
Monitor changes in the business that may warrant changes in controls or processes to continue to meet controls and requirements set forth in guidance provided by Legal, Privacy, and Compliance
Oversee the execution of Risk and Control Self-Assessments (RCSAs) for Recorded Future.
Oversee the execution of Enterprise Risk Assessments for Recorded Future.
All About You:
10+ years risk management and controls assurance experience in a large multinational with a mature Risk function and program or in Corporate Law
Knowledge of legal compliance (e.g., FCPA, Sanctions, AML) and risk management practices (e.g., Enterprise Risk, Technology Risk, Operational Risk)
Ability to collaborate cross-functionally to drive outcomes
Strong interpersonal skills and ability to influence at all levels including outside his / her / their
reporting lines.
Experience in deliverable development for Board / Executive-level presentations
Articulate and highly effective communicator (written, oral, presentation)
Excellent analytical, problem solving and critical thinking skills; Keen attention to detail.
Ability to work under pressure, in sometimes ambiguous circumstances.
Knowledge of the cybersecurity industry and products, competitive environment, consumer trends, and economic environment.
Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
Abide by Mastercard’s security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.
In line with Mastercard’s total compensation philosophy and assuming that the job will be performed in Canada, the successful candidate will be offered a competitive pay based on location, experience and other qualifications for the role and may be eligible to participate in a discretionary annual incentive program. This posting reflects one or more current openings on our team.
Pay Ranges
Toronto, Canada: $138,000 - $221,000 CAD