Our Purpose
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Title and Summary
Director, Operational Risk and Controls Quality Assurance
Who is Mastercard?
Mastercard is a global technology company in the payments industry, operating in over 210 countries and territories. We’re building an inclusive, sustainable digital economy where everyone prospers by making transactions safe, simple, smart, and accessible. Our innovation, secure networks, and partnerships deliver products and services that help individuals, businesses, and governments realize their greatest potential.
Overview:
The Mastercard Risk team is looking for a Director of Operational Risk and Controls (ORC) to lead two important areas of the ORC Program. The first is to lead Quality Assurance for Compliance including Anti-Money Laundering, Sanctions, Anti-Bribery and Corruption, Export Controls, and Business Conduct. The second part of the role includes supporting the SVP, Operational Risk & Controls with execution and oversight of certain key elements of our Operational Risk strategy, framework and program. This is a pivotal role within the Mastercard Risk Organization’s Operational Risk and Controls (ORC) team, reporting directly to SVP, Operational Risk and Controls, who is based in Purchase, NY.
The preferred applicant will possess comprehensive expertise in Compliance, a proven track record of leading Compliance quality assurance programs, and substantial operational risk management program expertise within the second line of defense. Knowledge of compliance quality assurance testing and operational risk management practices in a large organization is required. This role is a pivotal part of the Mastercard Risk Operational Risk and Controls team and is a high-impact leadership role for an Operational Risk and Compliance professional with deep QA expertise, strong judgment, and a passion for building scalable, effective operational risk and control environments.
Role:
The Director of Operational Risk and Controls (ORC) is responsible for leading, managing, driving, executing and documenting specific areas of the operational risk and control program including but not limited to:
Compliance Quality Assurance Oversight
• Oversee a team of 4-5 compliance QA analysts and managers. Sets the strategic direction for compliance QA testing across core compliance domains, governs a risk-based testing framework, and delivers independent assurance to senior leadership
• Partner closely with program owners and executive stakeholders to provide insight into control health, thematic trends, and residual risk, while driving remediation, procedural integrity, and continuous improvement
• Ensure the execution of testing of design and effectiveness of key compliance controls and processes is performed and evaluated in line with agreed upon plan. Track and report on testing results and remediation and escalate when remediation is off track.
• Ensure QA testing of the following areas is completed and reviewed in a timely and comprehensive manner: customer onboarding, due diligence refreshes, transaction monitoring, sanctions screening, and other critical compliance activities.
Operational Risk & Controls Oversight
• Work closely with the SVP, ORC. Attend team meetings and operational risk meetings. Ensure action items and next steps are captured and completed. Prepare minutes and slides for meetings where needed.
• Manage and lead the Operational Risk and Controls annual operating plan including Monday.com.
• Prepare executive level presentations, updates for senior management and committees.
• Drive the annual ORC policy, standards, templates and tool update process. Manage to completion.
• Support the adoption of the Operational Risk and Controls Framework and participate in risk and control identification initiatives in select areas of focus. Support business owners in RCSA process where needed.
• Advance the Process Framework and Inventory in coordination with various business owners.
• Lead the annual objectives development process for the ORC Team
• Lead and drive the preparation of ORC materials for the annual Strategy Session
• Develop and manage cohesive and centralized reporting and dashboards for status of the ORC program.
• Support the advancement of the Operational Risk & Control Framework
• Engage with local 1LoD risk and operations teams on ORC policy, program and practice adoption
• Support audit readiness efforts and regulatory responses where needed.
• Perform quality assurance checks over select areas of ORC focus.
All About You:
• Bachelor’s degree in finance, business, or risk management required; advanced degree or relevant certifications (e.g., ACAMS, CCEP) preferred.
• 10+ years of experience in compliance, audit, or risk management, with significant experience leading QA or testing programs.
• Strong leadership and team management skills, with experience building and mentoring high-performing teams.
• Excellent collaboration skills. Ability to work across multiple geographies and different teams
• Deep expertise in financial crime compliance, including AML, sanctions, anti-bribery and corruption, and export controls.
• Proven ability to design and execute risk-based testing frameworks and deliver actionable insights to senior stakeholders.
• Excellent communication and presentation skills; ability to influence across functions and levels.
• Experience driving process improvement and leveraging technology to enhance QA effectiveness and efficiency.
• Strong analytical and strategic thinking skills, with the ability to identify trends, assess residual risk, and recommend improvements.
• Comfortable operating in a fast-paced, complex, and highly regulated environment.
• Proficient in Microsoft Office; experience with QA workflow tools, data analytics platforms, and automation technologies is a plus
• Highly organized and able to proactively manage time and prioritize assignments to meet target dates and deadlines, while delivering thorough, accurate and quality work
• Knowledge of GRC and Dashboarding tools is desired (e.g. Open Pages, Power BI)
• Working experience on operational risk programs
• Strong experience building and managing executive level reporting and dashboards
• Excellent problem-solving and analytical skills. Familiarity with data driven risk reporting
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
Abide by Mastercard’s security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.