Job Title:
Lead Analyst, Enterprise Resilience (Testing & Exercise)
Overview:
Who is Mastercard?
Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships, and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential.
Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all.
Mission First, People Always
As Corporate Security, we are responsible for keeping Mastercard safe and secure from cyber and physical threats, and it is our people on the frontlines who make this happen every day.
By taking care of our people, their wellbeing, and career development, we provide them the necessary tools and environment to ensure the success of our mission.
Overview:
The Enterprise Resilience Team is seeking a testing & exercise expert to provide structure, requirements, and coordination across Mastercard’s Enterprise Resilience Teams: Business Continuity (BC), Crisis Management (CM), Technical Recovery (TR), Resilience Planning (RP), and Operational Resilience (OR). This is a hands-on role expected to work independently while receiving support, processes, and procedures from a global team. Some international travel may be required.
Role:
1. Partner with a global Enterprise Resilience team to design and implement enhanced testing and exercise capabilities.
2. Help embed Operational Resilience within the organization, based on the foundation of the Enterprise Resilience Disciplines (BC, CM, TR, SR).
3. Partner with global staff to understand resilience and guide standardization where appropriate.
4. Maintain a high-level understanding of Operational Resilience regulations and guidelines, specifically the Bank of England (BoE) regulations.
5. Be aware of other jurisdiction regulations, guidelines, and proposals related to Operational Resilience (e.g., DORA).
6. Implement the Enterprise Resilience program structure to align with relevant certification standards (ISO).
7. Support regulatory compliance for all jurisdictions in which the business operates, in partnership with the Resilience Planning (RP) function.
8. Assess and clarify Impact Tolerance levels for critical services.
9. Partner with Risk to ensure attestations to regulators are made in line with program and regulatory expectations.
10. Manage BCM tasks such as business impact analysis, risk assessment, business continuity planning, and exercises, providing detailed QA and support.
11. Ensure third-party business continuity capabilities are compliant with risk management mandates.
12. Serve as a Crisis Management SME to set up the entity with appropriate response models, plans, and exercises, supporting during crises.
13. Collaborate with technology recovery contacts to ensure impact analysis, recovery plans, and exercises are performed as per policy.
14. Train business partners on roles and responsibilities within the program.
15. Build strong relationships within the organization to embed a business continuity culture.
16. Provide consultation to management and identify process improvement opportunities.
Experience & Qualifications:
* Excellent written and spoken English communication skills.
* Minimum of three years’ experience in a similar role.
* Knowledge of ISO certification requirements and relevant regulations/legislation.
* Industry accreditation (preferably MBCI or equivalent).
* Experience in impact analysis & risk assessment design.
* Experience designing, facilitating, and reporting on complex exercises.
* Understanding of technology recovery exercises; a technical background is advantageous.
* Experience managing third-party business continuity risk.
* Experience with Fusion Risk Management software is advantageous.
* Experience with emergency notification tools is advantageous.
* Experience in designing and delivering management information metrics is advantageous.
Personal Qualities:
* Ability to influence stakeholders.
* Confident decision-maker with ownership of tasks and objectives.
* Ability to deliver consistent results with limited supervision.
* Excellent communication and presentation skills.
* Strong relationship management skills.
* High attention to detail and accuracy.
* Ability to implement solutions aligned with strategic direction.
* Passion for personal development and learning.
NICE Framework references
This role shares knowledge, skills, and abilities with related NICE work roles.
PD-OR-006 Provides Practitioner level expertise in ensuring Service Resilience against Severe But Plausible threats.
Corporate Security Responsibility
Every employee is responsible for information security, must abide by security policies, ensure confidentiality, report violations, and complete mandatory trainings.
#J-18808-Ljbffr