Principal Risk Analyst

Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Principal Risk Analyst

This role is responsible for advancing Mastercard's risk and compliance capabilities across the Payment Networks Core technology environment. As a Principal-level leader, you will drive the design, implementation, and scaling of risk and control practices that are deeply embedded in the product lifecycle. You will serve as a thought leader and educator, enabling engineering and operational teams to build resilient, compliant systems through effective control design and risk-informed decision-making.

You will combine product management expertise with operational and engineering experience to ensure that risk and control strategies are technically sound, measurable, and aligned with Mastercard's enterprise risk framework.

Key Responsibilities
Strategic Control Integration: Lead the design and integration of key controls early in the product lifecycle to ensure audit readiness, sustainable control health, and proactive risk mitigation through secure-by-design principles.
Risk Intelligence & Automation: Architect scalable solutions for collecting, consolidating, and analyzing control effectiveness data across diverse technology stacks. Enable automation and self-service reporting to support data-driven risk management.
Control Self-Attestation at Scale: Drive the evolution of self-attestation programs, ensuring consistency, scalability, and alignment with enterprise risk and compliance standards.
Technical Enablement & Education: Serve as a subject matter expert and educator to engineering and operational teams. Translate complex risk and control concepts into actionable guidance, fostering a culture of accountability and continuous improvement.
Governance & Reporting: Develop and maintain dashboards and reporting mechanisms to communicate risk posture, control health, and remediation progress to senior leadership and stakeholders.
Remediation Strategy & Advisory: Guide control owners in interpreting risk signals (e.g., KPIs, audit findings, exceptions) and developing effective remediation strategies that align with technology and security standards.
Cross-Functional Leadership: Partner across risk, compliance, engineering, and product teams to ensure alignment, eliminate silos, and strengthen end-to-end control execution.
All About You
Proven experience in technology product management with a strong foundation in risk management, compliance, or technology operations.
Deep understanding of IT risk and control frameworks (e.g., NIST, ISO 27001, SOC 2, PCI-DSS) and experience applying them in complex, distributed environments.
Hands-on experience with system design, architecture, or engineering operations, enabling you to assess control applicability and effectiveness across varied technology stacks.
Demonstrated ability to educate and influence technical and non-technical stakeholders on risk and compliance best practices.

• Abide by Mastercard's security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.