Manager, Audit

Our Purpose
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Title And Summary
Manager, Audit

Overview

• Do you thrive in a fast-paced environment where both attention to detail and focus on big picture are equally and critically important?
• Are you eager to understand Mastercard global business and provide senior management with insights and perspectives on governance, risk management, and internal controls?
• Have you been successful as part of a global team with diverse skills and experiences?

Mastercard Internal Audit provides independent and objective assurance and advisory services to assess and enhance the effectiveness and efficiency of Mastercard governance, risk management, internal controls, processes, and activities, globally.

This position will be responsible for contributing to multiple projects and activities within the Mastercard Internal Audit team, with a primary focus on business and relevant regulatory requirements in the Latin America and Caribbean (LAC) region, including local governance, risk management, and technology related activities. This position will be reporting to the Internal Audit Director, Americas. This position will also have a strong connection with the Mastercard Internal Audit Technology team.

Role

• Be part of a dynamic global team and work collaboratively with colleagues, locally and from other Mastercard offices around the world. Be a champion and advocate for strong governance, risk management, internal controls, and partner with other risk and control functions across the organization to strengthen Mastercard three lines of defense model.
• Contribute actively to the effective and efficient delivery of assigned assurance or advisory projects across various markets, technology, products, services, or functional areas, as driven by the Internal Audit annual plan. Initially as a project team member, owning specific scope areas within assigned projects, then increasing the number of assigned scope areas, providing guidance and supervision to more junior project team member, and leading selected projects.
• Within each assigned project and scope area, understand specific risks (e.g., technology, strategic, operational, financial, legal, regulatory, other) and business requirements, develop and execute risk-based testing, and document supporting workpapers in a complete, accurate and timely manner. Evaluate compliance with relevant policies, procedures, and requirements, assess controls design adequacy and operating effectiveness, and identify controls gaps and improvement opportunities. Develop and articulate draft reportable issues for validation with management and understand related risk, impact, and root cause.
• Partner with management to develop action plans that remediate gaps identified in a sustainable manner.
• Track, monitor, and validate the adequate and timely action plans completion by management.
• While growing and developing in role, take ownership of Internal Audit primary relationship for business in LAC and for one or more additional business areas, and leverage that knowledge to contribute to the Internal Audit annual risk assessment and planning process, leading to the development of the Internal Audit annual plan.
• This position is also intended to become the Subject Matter Expert (SME) and primary contact for all LAC regulatory related matters for the Mastercard Internal Audit team. Accordingly, this position will establish and develop strong relationships with the other Mastercard functions (first and second line) which are also involved with LAC regulatory requirements (e.g., Reg Affairs, Risk Management, Technology, Technology Risk Management). Also, this position will build and develop Mastercard Internal Audit knowledge around LAC regulatory requirements. That knowledge will be leveraged as an input and contribution to the Internal Audit annual risk assessment and planning process, leading to the development of the Internal Audit annual plan.
• This position is intended to potentially prepare reports for the LAC legal entity boards and presenting on control environment matters to keep the board informed and support relevant decision-making.

All About You

• Prior successful experience in internal and/or external auditing, with specific expertise in testing various operational areas and information technology / security areas (e.g., IT GCC, IT Operations, SDLC, UNIX, HP Non-Stop, Windows, Cloud environments, IT security practices, PCI DSS compliance, ISO 27001 standards).
• Ability to quickly understand and critically analyze complex processes, to identify and assess potential risks, and determine whether those risks are appropriately managed. Proficiency in various audit techniques such as inquiry, walkthrough, validation, reperformance, sampling, analytics, problem-solving, and root cause analysis.
• Excellent interpersonal and communication skills, both written and verbal, including professional fluency in Spanish and English.
• Ability to work well, both independently and within a team, deliver high-quality work, within budget and on time, intellectually curious, self-motivated, passionate, service-minded, culturally attuned, and flexible.
• Committed to self-development, constructive feedback, and seeking opportunities to capitalize on strengths and address development areas.
• Bachelor's degree with concentration in information systems, information technology, computer science or engineering. Relevant professional credentials and certifications (e.g. CISSP, CISA, CIA) are a plus
• Proficient with MS Excel, Word, PowerPoint, and familiar with ACL or similar data analytics / auditing tools.
• Ability to travel up to 10%.

Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard's security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.