Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title and Summary Senior Technology Risk Analyst The Commercial & New Payment Flows Technology Risk team is seeking a Technology Risk Analyst II role. The role will be responsible for assessing the effectiveness of controls for the first line business, which is crucial for adhering to customer and regulatory mandates. In addition, the role would also include providing compliance support and monitoring and reporting on the ongoing operational efficacy of Mastercard's Technology control framework as well as performing data analysis and aggregation across other tech risk initiatives. . This role will be a pivotal component of the Mastercard Technology Regulatory Execution function. Mastercard is committed to striking a balance between innovation and safeguarding its internal control posture. The team conducts assessments of internal controls to proactively identify risks, define remediation actions, and monitor remediation progress. We are seeking an individual to join our team and assist us in achieving these compliance objectives. This person will possess technical expertise, a propensity for problem-solving, and a drive to achieve outcomes. Job Responsibilities * Provide consultancy and central coordination for security and compliance activities, encompassing the implementation of ISO 27001, ISO 9001, and ISO 27701, as well as PCI standards within the organisation. * Identify potential security risks and issues through control assessments and ensure their resolution within specified timelines. * Establish and monitor remediation efforts both internally and externally until resolution, while simultaneously enhancing the design and operational efficiency of controls. * Document the outcomes of assessments and prepare assessment reports for key stakeholders. * Prepare compliance status reports and dashboards for key initiatives, plans, and audit tracking of current processes in accordance with management requirements. * Data Aggregation & reporting for various risk & compliance activities in support of the larger risk management practices. About You: • Experience: - Ideal experience working within digital and technology functions, preferably in a compliance role. - Reasonable understanding of security and quality management frameworks such as ISO 27001/27002, ISO 9001, ISO 27701, and PCI. - Bachelor's degree or equivalent combination of education and experience, or a Bachelor's degree in computer science, information technology, or a related field is preferred. - One or more professional certifications like CISA or CISSP (desirable) - Professional certifications ISO 27001, ISO 9001 Lead Auditor, and Implementer - Reasonable understanding of information security domains and possesses a well-rounded technical background. Basic knowledge of infrastructure and application security would be desirable. - Experience working on GRC tools like Archer would be a significant advantage. - Excellent communication and problem-solving skills and able to collaborate across global team. - Demonstrated experience in managing complex projects related to information security. Ability to: Review security architecture of applications and determine PCI/ISO relevance Employ strong research skills and problem solving skills Apply PCI/ISO standards to new and existing technologies Identify and evaluate security gaps Communicate business risk to stakeholders Understand security findings (scanning/Pen test) and assess remediation strategy Evaluate compensating controls Conduct or facilitate meaningful meetings Work in slightly chaotic, rapidly growing environment Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: - Abide by Mastercard's security policies and practices; - Ensure the confidentiality and integrity of the information being accessed; - Report any suspected information security violation or breach, and - Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.

Role Description The Risk and Resilience Specialist is a Consulting role in 11:11 Systems’ Consulting Services sub-department, based in the UK and responsible for pre-sales selling of Consulting and recurring revenue services as well as post-sales delivery of Consulting services. This role is responsible for assisting the sales department in identifying customers' resilience gaps and vulnerabilities to facilitate the recommendation and sale of recurring revenue solutions and services supported by resilience principles. The role will be responsible for delivering industry expertise and thought leadership in risk and resilience and will collaborate with customers to identify their risks and partner with sales teams to propose and help deliver tailored mitigation strategies, emphasizing business outcomes over point solutions. - Deliver thought leadership content to showcase 11:11’s expertise in the latest risk and resilience trends, threats, and concepts to support sales in driving recurring revenue solutions. - Lead and manage implementation of resilience strategies including building plans, programs and technical solutions. - Facilitate pre-sales through consultative selling and the use of assessment models to provide sales with an understanding of a customer’s risk and resilience posture to define strategies to mitigate their risk with 11:11 recurring revenue solutions and services. - Develop and deliver formal sales proposals, in partnership with sales, to recommend the appropriate suite of 11:11 solutions and services as well as the rationale behind them. - Provide pre-sales support for opportunistic consulting engagements when necessary. - Help grow the Consulting Department’s delivery capabilities by identifying and onboarding UK vendors and contractors that can support delivery of 11:11 consulting services. - Responsible for growing the revenue and customer base in the UK region. - Work supportively with colleagues, operating in a manner that is consistent with 11:11’s Code of Business Ethics and Company Values. - Responsibly receive, transmit, and handle company data and information per Company data handling agreements, work procedures and policies. - Review and follow company policies and guidelines, data privacy practices, including annual compliance training certification and policy acknowledgements. - Additional duties as assigned. Qualifications - Bachelor's degree in Information Technology, Business Administration, or a related field required. - Minimum of 8 years of experience in technology sales support, compliance, risk management, or a related consultative sales field. - Deep expertise in Business Continuity, Disaster Recovery, Cyber Resilience, and Program Management, including technical strategies for IT resilience (e.g., data backup strategies, Disaster Recovery as-a-Service). - Strong knowledge of resilience products, services, and industry best practices. - Proven experience selling and delivering resilience solutions using a consultative, outcomes-focused approach, with a specific focus on driving the sale of 11:11 Systems solutions and services to increase recurring revenue. - Demonstrated ability to coordinate effectively with sales teams and customers, balancing multiple priorities and driving results in a dynamic, fast-paced environment. - Strong experience developing new service concepts and facilitating risk and resilience workshops, tabletop exercises, and presentations. - Exceptional communication, storytelling, critical thinking, and problem-solving skills, with the ability to assess risks and provide actionable insights and compelling proposals. - Proficiency in Microsoft Office Suite and familiarity with marketing automation tools. - One or two industry certifications such as MBCI, CBCP, CBRM, CBRITP, or related, preferred. - Must be legally eligible to work in the assigned country without visa sponsorship. Benefits - Standard Life Pension Scheme - Healthcare Insurance Plan - Cash Plans - Income protection - Life assurance - Paid Vacation & Holidays - Leave of absences

• Lead and build the Risk team, setting direction, priorities, and standards for the function • Own and evolve Aave’s risk management frameworks and policies • Coordinate with external risk service provider teams to ensure alignment on risk parameters • Set, monitor, and adjust protocol risk parameters across deployments and markets • Approve and sign off on collateral onboarding decisions and risk assessments • Review liquidation performance and recommend improvements to liquidation mechanisms • Lead risk governance processes and present risk analyses to the DAO • Monitor market structure changes and their implications for protocol risk • Take full accountability for risk outcomes and drive a culture of ownership within the team

• Acquire and grow new clients • Ensure profitable growth of the product based on pricing and account targeting strategies; sustainable growth strategies that address market opportunities and challenges • Serve as primary point of contact for clients, sales reps counsel, and consultants on Information Governance projects • Provide accurate reporting and forecasts based on sales funnel plans, client usage and new account activity • Proactive in thought leadership around Information Governance offerings • Drive identification and scoping of prospective Information Governance engagements with current and prospective clients: Analyze client history, analytics, and review needs to propose engagement opportunities • Participate in calls and meetings with clients and Microsoft Strategy Sessions regarding potential Information Governance engagements • Drive Sales team engagements with prospective clients • Support active clients in their use of M365 leveraging Lighthouse Information Governance Consultants: Scope and coordinate work with internal team members across teams and with clients and outside counsel • Leverage learnings from Information Governance projects to provide statistically supported recommendations • Develop and document use cases and best practices for application of Information Governance Services • Train and mentor sales team members supporting Information Governance • Collaborate effectively with other Service Delivery teams to ensure superior client service • Travel to prospective and existing clients, attend trainings and conferences • Perform other related duties as assigned