Our Purpose
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Title and Summary
Senior Auditor
The Internal Audit Department provides independent and objective assurance and advisory services to assess and enhance the effectiveness and efficiency of Mastercard's governance, risk management and internal control processes. This position will be responsible for planning and executing global IT and operational audits and supporting the department's integrated risk assessment and plan development.
Want more jobs like this?
Get jobs in São Paulo, Brazil delivered to your inbox every week.
Role:
• Understand the business and technology environment; effectively partner with stakeholders to understand associated risk and control environment
• Contribute to the annual risk assessment process and the development of the annual audit plan
• Deliver on time, high quality testing/audits, reviews, and advisory projects, with participation in all phases: planning/scoping, fieldwork, and reporting
• Evaluate compliance against legal, regulatory, policy and procedural requirements, and industry frameworks and best practices
• Assess design and operating effectiveness of controls through inquiry, observation, and inspection testing
• Identify, draft, and validate issues with business partners, accounting for impact, root cause, and risk severity
• Work with issue owners to drive the development of sustainable actions to remediate issues; regularly monitor issue progress and validate closure
• Provide credible challenge to stakeholders in all areas of audit coverage
All About You:
• Technology or Technology Risk Management professional (first/second line of defense, internal / external audit) or equivalent experience or exposure to both infrastructure and applications
• Knowledge of IT general computer controls, Information Security controls, and related processes and frameworks (i.e. NIST, COBIT, COSO, ISO)
• Knowledge of third party assurance reporting and frameworks (SOC, ISAE3000) is a plus
• Exposure to multiple computing environments (i.e. AWS, Mainframe, UNIX/Linux)
• Exposure and/or experience related to payments-related products and services, Open Banking, Data Management, and Artificial Intelligence is a plus
• Professional credentials (e.g., CIA, CISA, CISSP, or equivalent) are a plus
• Self-starter with ability to work independently and in a team setting
• Ability to handle multiple tasks and consistently meet established deadlines
• Travel opportunities based on need, 10% maximum
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
- Abide by Mastercard's security policies and practices;
- Ensure the confidentiality and integrity of the information being accessed;
- Report any suspected information security violation or breach, and
- Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.