Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

VP, Technology Regulatory Optimization & Customer Engagements

Overview:

The Technology Regulatory Execution of Risk & Controls (TREx) team ensures Mastercard’s global technology operations meet regulatory standards while fostering innovation. The global TREx teams collaborate to manage regulatory obligations, engage with regulators, and oversee market compliance. Their focus includes regulatory reporting, change management, and strategic consultation to help shape future regulations—building a secure, compliant, and forward-looking tech environment.

The Technology Regulatory Market Compliance (TRMC) team, a division of TRex, is responsible for engaging with regulators and customers to demonstrate Mastercard’s adherence to its promises, commitments, and obligations. Our team translates regulatory and customer requirements into actionable standards and illustrates how Mastercard’s controls effectively address these expectations. This role serves as the senior global regulatory compliance leader, building a new program to support a unified global structure that bridges the gap between complex regulatory requirements and world-class customer experiences.

Role

• Strategic Leadership

• Lead the regulatory compliance strategy for TRMC, to optimize risk-related processes and regulatory responses aligned to our policies, and regulations for multiple regions

• Identify regulatory gaps and lead enterprise remediation/initiatives for consistent compliance, that reduce regulatory risk and improve regulator/customer readiness

• Own executive regulatory/risk reporting and communications; surface exposure, drivers, and systemic control themes.

• Advise executive leadership on risk posture, emerging regulatory and customer requirements, and systemic risk

• Optimize cross-functional workflows to accelerate secure market delivery and strengthen stakeholder confidence

• Monitor business, market and regulatory landscape to identify required standards, policy requirements and potential implications to company

• Oversee readiness for external technology/security examinations; ensure strategic narratives and evidence appropriately align with scope

• Advise regional leads on regulatory/contractual requirements; drive technology, security, and governance solutions.

• Translate regulator/customer expectations into technology/security standards and control requirements.

• Relationship Management/Partner

• Build collaborative partnerships with business unit leaders and subject matter experts (e.g., technology region leaders, regulatory affairs, product teams) to anticipate obligations, surface risks,a and drive mitigation

• Partner with Regulatory to shape responses to new and evolving requirements

• Build strategic partnerships; codify best practices and translate trend insights into enterprise strategy

• People & Organizational Leadership

• Lead, mentor, and develop a high-performing team of technology risk, compliance, and assurance professionals

• Build a culture of ownership, accountability, transparency, and continuous improvement

• Attract and retain top talent with a blend of technology fluency and risk discipline

• All About You

• Deep experience in the payments industry, transaction processing platforms, or highly regulated financial services environments

• Strong understanding of payment system architecture, technology operations, and platform resiliency

• Extensive background in technology risk management, audit, compliance, or assurance, ideally within global, regulated environments

• Demonstrated experience leading enterprise-scale risk programs across multiple regions and technology domains

• Proven ability to influence without authority and operate credibly with engineering leaders, executives, auditors and regulators

• Exceptional communicator capable of tailoring messages from deeply technical to executive-level audiences

• Strong people leader with a track record of building and scaling high-performing teams

• Comfortable making data-driven decisions, managing trade-offs, and resolving escalations in complex, fast-moving environments

• Deep familiarity with laws, regulations, policies, and ethics as they relate to cybersecurity and IT management (e.g., GDPR, FBA, CBA, PFMI, etc.)

• Knowledge of industry frameworks and standards such as: PCI DSS, ISO 27001. SOC1/2, SOX, and NIST / ITIL

• Demonstrates a forward-looking approach to risk management, leveraging data and emerging technologies (including AI) to enhance risk insights, efficiency, and decision-making.

• Balances strong control discipline with pragmatic, business-enabling approach to risk management

• Education & Professional Background

• Bachelors degree in Risk Management, Finance, Computer Science, Information Systems, or related discipline

• Advanced degree (e.g. Masters in Information Systems, Cybersecurity, Risk Management, Business Administration, or related field) is preferred, but not required

• Demonstrated commitment to continuous professional development in technology, risk management, or regulatory disciplines

• Relevant professional certifications are preferred and may include: CISA, CRISC, or CISM, or CISSP

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard’s security policies and practices;

• Ensure the confidentiality and integrity of the information being accessed;

• Report any suspected information security violation or breach, and

• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.