Director, Technology SME, Second Line Technology Risk
Mastercard•22h ago
CanadaOnsiteFull-timeDirector Level10+ yrs exp
- Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title and Summary Director, Technology SME, Second Line Technology Risk Director, Technology SME, Second Line Technology Risk Overview The Second Line Technology Risk team is seeking a Director, Technology SME to provide independent oversight of the Technology Function while bringing deep technical expertise to the assessment and management of risk. This role is designed to strengthen Mastercard’s Second Line capability by embedding greater technical credibility into security and resilience oversight. Operating at the intersection of technology, security
- risk, this leader will partner closely with engineering, architecture
- First Line risk teams to ensure that security and resilience are engineered into products and platforms from the outset. The role will challenge and influence technology decisions, promote a “shift-left” approach
- elevate the organization’s ability to proactively identify and manage emerging risks. In addition to oversight responsibilities, the Director will drive key initiatives for senior leadership, contribute to advancing risk culture
- help shape a forward-looking, technically grounded approach to Second Line technology & security risk oversight across Mastercard. Role The Director, Technology SME, Second Line Technology Risk will:
- Provide independent Second Line oversight of technology risk, delivering effective challenge on architecture, engineering, and operational decisions to ensure risks are appropriately identified, managed, and mitigated.
- Operate at the intersection of technology, security
- resilience, applying deep engineering and architectural expertise to ensure security and resiliency principles are embedded by design across products and platforms.
- Engage directly with CTOs and EVP/SVP-level program leaders, confidently influencing priorities, providing credible challenge, and shaping technology and risk outcomes at the most senior levels of the organization.
- Influence and assess how technology policies, standards, and governance processes are implemented, ensuring they drive practical, scalable, and sustainable risk outcomes.
- Apply software engineering and architectural expertise to improve risk management.
- Evaluate technology and operational incidents with a focus on response effectiveness, root cause rigor, and durability of corrective actions, holding teams accountable for meaningful improvement.
- Assess risks in business and technology decisions, ensuring alignment with enterprise risk tolerance, regulatory expectations, and the protection of Mastercard’s brand and reputation.
- Evaluate risks in business decisions, safeguarding Mastercard’s brand and reputation, complying with laws and policies, making ethical choices, and clearly reporting or escalating control concerns.
- Drive priority initiatives from problem definition through execution, aligning stakeholders and delivering measurable outcomes that enhance risk posture and operational resilience.
- Partner closely with First Line technology, engineering, and architecture teams to promote a “shift-left” approach, ensuring risks are addressed early in the development lifecycle.
- Provide technical and operational perspective on enterprise initiatives to help ensure risks, dependencies, and implementation considerations are addressed early.
- Explore, assess, and question data from multiple origins to pinpoint innovative metrics and potential opportunities that strengthen Mastercard’s risk culture.
- Apply process engineering to design, assess, and enhance operations for greater efficiency, quality, scalability, and control, while turning business and risk needs into consistent, measurable results. All about you
- Ability to independently manage multiple priorities, deliverables, and initiatives simultaneously in a fast-paced environment.
- Experience with cloud-native architectures and patterns for scalable, resilient distributed systems.
- Adept at working effectively within a large, matrixed organization, building relationships and driving progress across teams with competing priorities.
- Proactive and curious mindset, with the ability to engage broadly across the business while maintaining focus on core responsibilities.
- Strong technical foundation with the ability to connect architectural, operational, and engineering decisions to business and risk outcomes.
- Experience advocating for policy and procedure enhancements when necessary.
- Demonstrated ITSM experience leading incident investigations, change impact analysis, and problem management (root cause analysis, post-incident reviews, corrective actions).
- Skilled in presenting to senior/executive management and large forums.
- Capable of guiding technology risk decisions among diverse stakeholders, even without formal authority.
- Experience with governance, risk, and compliance (GRC) processes and platforms is not required but helpful
- Excellent verbal and written communication abilities, with the ability to translate complex technology risk topics into concise, executive-ready messaging.
- Ability to quickly understand organizational context, navigate internal processes, and build credibility with business, technology, and control partners.
- Knowledge of enterprise risk and control frameworks, including ISO, NIST CSF, COBIT, CRI, FAIR, or similar recognized international standards.
- A degree in engineering, computer science or a similar discipline, and/or equivalent professional experience. Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: Abide by Mastercard’s security policies and practices
- Ensure the confidentiality and integrity of the information being accessed
- Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines. In line with Mastercard’s total compensation philosophy and assuming that the job will be performed in Canada, the successful candidate will be offered a competitive pay based on location, experience and other qualifications for the role and may be eligible to participate in a discretionary annual incentive program. This posting reflects one or more current openings on our team. Pay Ranges Toronto, Canada: $138,000 - $221,000 CAD
Required skills
cloud-native architecturessoftware engineeringarchitectural expertiseprocess engineeringITSMgovernanceriskcompliance