Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Lead Technology Risk Management Analyst (RBI, Internal and External Audits)

Who is Mastercard?
Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential.
Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all.

Overview:

AI & Decision Product Enablement Program (AI & DPE) is an internal product suite that enables intelligent decisions for market facing products. This program provides sophisticated, industry-leading intelligence with a range of capabilities that structure and apply complex business logic across the payment journey and beyond to inform and accelerate decisions at scale. This is achieved by leveraging supercomputing capabilities, sophisticated business rules, AI technologies, a streaming big data cluster, high speed in-memory data caching, APIs, & UIs to enrich data and provide real-time decisions.
The AI DPE Risk Management team is looking for a Lead Technology Risk Analyst to drive our compliance and regulatory frameworks in India. The ideal candidate is passionate about proactive readiness to control testing, a willingness to learn complex environments, and has experience in the auditing and regulatory space, particularly in India. This is a high impact role for a risk minded, detail oriented leader who thrives at the intersection of technology, regulation, and operational excellence.

The Lead Technology Risk Analyst will:

• Provide control, compliance, and regulatory guidance to developers, architects, and project managers.

• Interpret and operationalize new and evolving regulatory requirements, including RBI (PSS, IDL), DPDP Act, privacy, and broader data regulations.

• Assist in the design and implementation of preventative and detective controls within the first-line environment.

• Partner closely with US‑based counterparts to manage and continuously mature the program’s global control landscape.

• All About You

• 8-12 years of overall career experience into managing audits and technology risk management

• Has had audit and regulatory experience (specifically RBI (PSS & IDL), and has conducted internal and external audits

• You have managed large audits end to end with RBI

• You have been a part of internal and external audits managing various products and teams on a large scale

• Passionate about building proactive readiness frameworks and strengthening first line control environments

• Able to translate regulatory requirements into actionable control practices within AI driven and data intensive environments

• Adept at integrating IT risk program frameworks with enterprise risk functions, designing IT risk metrics, risk aggregation and reporting concepts

• Ability to communicate effectively with cross-functional Data Science, Development teams, regulatory agents, and the core product business teams

• Thrives working with highly technical products in a fast-paced delivery environment

• Possession of at least one relevant professional certification, such as (but not limited to) CIA, CISA, CISM, or CFE.

In this position, you will:

• Partner with leadership to identify control gaps and drive resolution, solutioning, and long‑term risk reduction.
• Act as liason between our first line engineers and architects and external audit
• Collaborate with internal risk, compliance, and governance teams to manage, monitor, and maintain regulatory and compliance controls across the program.
• Facilitate scope and impact assessment to identify control and regulatory requirement applicability
• Support program‑ and product‑level audits, and develop readiness materials for enterprise or external audit engagements.

Corporate Security Responsibility:

Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must:

• Abide by Mastercard’s security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard’s security policies and practices;

• Ensure the confidentiality and integrity of the information being accessed;

• Report any suspected information security violation or breach, and

• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.