Mastercard
Vice President Technology Risk Reporting & Governance

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Our Purpose
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Title And Summary
Vice President Technology Risk Reporting & Governance
This role is accountable for the end-to-end risk reporting governance and stakeholder coordination of technology risk, ensuring effective oversight from first-line entities, CTO risk functions through to second-line enterprise risk requirements. The role drives alignment with Enterprise Risk Management (ERM), Operational Risk and Technology Risk frameworks and expectations, while supporting audit and regulatory responses. Partnering closely with Risk Champions, Business Risk Managers, and cross-functional stakeholders, the position ensures disciplined risk reporting, material readiness, escalation, and action follow-through, ultimately supporting both regulatory obligations and organisational risk management expectations.
Role
The Successful Candidate Will Be Responsible To
- Lead the evolution of the Technology Risk Reporting Governance framework, driving horizontal and vertical alignment of technology risk oversight across the organisation.
- Define and embed enterprise reporting standards and minimum reporting requirements, strengthening connectivity between forums and committees and enabling effective escalation, aggregation, and executive decision-making.
- Own the Technology Risk Committee (TRC) operating model, including governance structure, charter, membership, annual agenda, and overall effectiveness of the forum.
- Provide strategic oversight of the TRC governance lifecycle, ensuring high-quality materials, robust challenge, timely decision-making, and effective action tracking.
- Facilitate senior stakeholder discussions, driving alignment on technology risk priorities, emerging concerns, strategic decisions, and risk mitigation activities.
- Oversee the development and quality assurance of technology risk reporting and committee materials, ensuring clear, insightful, and decision-oriented reporting for executive and board-level governance forums.
- Own the enterprise technology risk reporting agenda, including Top Technology Risks, risk assessments, key risk indicators, and other reporting required to support effective oversight and governance.
- Partner with Technology Risk Leadership, Risk Champions, Business Risk Managers, and second-line stakeholders to ensure alignment with Enterprise Risk Management, Operational Risk, and Technology Risk expectations.
- Provide executive oversight of Corporate Risk Assessments concerning Operational Resilience reporting, ensuring risk positions, mitigation strategies, and risk register updates accurately reflect the organisation's risk profile.
- Lead the development and continuous enhancement of enterprise-wide technology risk reporting, ensuring comprehensive coverage of strategic, operational resilience, and information security risks, while providing clear visibility of mitigation progress and emerging exposures.
- Establish and govern the enterprise technology emerging risk programme, ensuring emerging threats and trends are identified, assessed, escalated, and incorporated into risk management and reporting processes where appropriate.
- Act as a senior stakeholder for regulatory, audit, and supervisory engagements, ensuring technology risk and operational resilience responses are coordinated, accurate, and aligned with regulatory and organisational expectations.
- Drive continuous improvement of technology risk reporting governance and oversight practices, identifying opportunities to enhance efficiency, transparency, data quality, and executive insight across the risk management lifecycle.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
All About You
- 10+ years of progressive experience in technology risk management, risk governance, operational resilience, or related risk and control disciplines within a complex, global organisation.
- Demonstrated leadership of enterprise-wide governance programmes, establishing reporting frameworks, governance operating models, and oversight mechanisms that support regulatory and organisational objectives.
- Proven ability to shape and influence executive and board-level risk discussions, providing clear insight, challenge, and direction through high-quality reporting, metrics, and narrative.
- Deep experience partnering with second-line functions (ERM, Operational Risk, Compliance, Information Security, Internal Audit) and leading responses to regulatory, audit, and supervisory engagements.
- Strong stakeholder management and influencing skills, with the ability to align diverse senior stakeholders, build consensus, and drive outcomes across a matrixed organisation without direct authority.
- Strategic thinker with exceptional communication skills, able to translate complex technology and operational risk matters into concise, actionable insights for executive audiences.
- Experience overseeing end-to-end risk reporting governance, ensuring alignment from first-line risk ownership through second-line enterprise requirements, while supporting effective escalation, aggregation, and decision-making across committees and forums.
- Track record of building, leading, and developing high-performing teams, fostering a culture of accountability, collaboration, and continuous improvement.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks must be performed in compliance with applicable policies and standards, including safeguarding information, completing required training, and promptly reporting security incidents in accordance with corporate requirements.
Equal Opportunity
Mastercard is an equal opportunity employer and is committed to creating an inclusive environment for all employees.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
- Abide by Mastercard’s security policies and practices;
- Ensure the confidentiality and integrity of the information being accessed;
- Report any suspected information security violation or breach, and
- Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location