CrawlJobs Logo
Mastercard Logo Mastercard · Finance

Manager, Risk Management Cyber Security

United Kingdom, London · Job Posted January 20, 2026
Apply Position
Job Link Share

Job Description

This role sits within the Second Line of Defence (2LOD) Risk function and provides independent oversight and challenge of Cyber Security risk across Vocalink Mastercard. You will act as a functional risk partner to the First Line of Defence Cyber Security function, ensuring robust risk management practices are embedded and aligned with regulatory expectations and industry best practice. The role supports the delivery of a secure and resilient service to millions of citizens and businesses, safeguarding critical payment infrastructure and data assets. You will champion cyber security and resilience risk internally and at senior management level, helping to maintain trust in the UK financial system.

Job Responsibility

  • Provide second line expertise and challenge around all aspects of Cyber Security related risks
  • Support the Vocalink risk management approach and implemented policies and procedures to minimize Cyber Security risk exposure and drive robust controls
  • Support the implementation and embedding of the Enterprise Risk Management Framework for Cyber Security risk, ensuring completeness and accuracy of risk assessments, control standards, residual risk evaluations, and issue management
  • Partner with first line Cyber Security teams to promote balanced risk-taking and a strong risk culture
  • Represent Cyber Security risk at relevant committees and forums, deputising for the VP Risk Management when required
  • Provide clear and concise risk briefings to senior stakeholders, including the CRO ensuring timely escalation of material risks and appetite breaches
  • Liaise with and support the risk and control owners to resolve any questions, queries and challenges relating to cyber security relevant certification and or customer requirements for example, during an audit as well as in the pre and post audit stages

Requirements

  • Professional cyber security certifications (e.g., CRISC, CISA, CISM, CISSP, ISO 27001 Lead Auditor) preferred
  • Knowledge of key cyber security relevant control domains, frameworks and standards (e.g., NIST, ISO27001, CSF, CRI, MITRE, etc.)
  • Strong understanding of risk management principles and the Three Lines of Defence model
  • Enthusiastic about cyber security including tracking industry trends and emerging risks
  • Experience of applying operational risk frameworks and understanding of risk assessment methodologies
  • Proven experience in Cyber Security risk and controls oversight within a financial institution or critical infrastructure environment
  • Ability to analyse complex data with attention to detail and articulate risk insights clearly to technical and non-technical audiences
  • Skilled in building trusted relationships with stakeholders at all levels
  • Highly organised, adaptable, and able to work independently with minimal supervision and as part of a team
  • Excellent written and verbal communication skills

Nice to have

  • Experience within Critical National Infrastructure responsible organisations
  • Financial Services experience particularly in payments and relevant infrastructure
  • Experience working with regulators (Bank of England supervision)
Mastercard - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Manager, Risk Management Cyber Security

8 matching positions

Cyber and Information Security Risk Manager, Senior Vice President

This role is critical for safeguarding the bank's financial stability and sustai...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Significant progressive experience in Cyber & Information Security Risk Management, IT Risk, Security Compliance, or IT Audit, with significant experience in a financial services environment
  • Demonstrated expertise in identifying, assessing, measuring, monitoring, and reporting on complex cyber and information security risks
  • Proven track record of designing and leading initiatives to enhance security controls and processes
  • Extensive experience collaborating with and managing expectations of diverse stakeholders, including business unit leaders, technical teams, and 2nd and 3rd line functions
  • Strong understanding of evolving cyber threat landscapes, regulatory requirements (e.g., NIST, ISO 27001, GLBA), and industry best practices
  • Proficient in maintaining risk and control frameworks, including Manager’s Control Assessment (MCA), specifically for Cyber & Information Security risks
  • Exceptional communication and presentation skills, with the ability to articulate complex cyber risk concepts and their business impact to senior management and governance committees
  • Ability to act as a primary liaison for all audit and regulatory engagements pertaining to Cyber & Information Security
  • Strong leadership capabilities with experience in leading and mentoring risk management professionals
  • Bachelor's degree required
Job Responsibility
Job Responsibility
  • Proactively identify and assess evolving Cyber & Information Security risks across the business and technology landscape
  • Design and lead strategic initiatives to enhance cyber and information security controls and processes, ensuring alignment with risk appetite
  • Collaborate effectively with business unit leaders and diverse stakeholders to embed robust cyber risk management practices into business operations
  • Partner with 2nd line functions to interpret and apply cyber risk requirements and policies accurately
  • Engage with 3rd line functions to facilitate independent assessments, address findings, and drive resolution of cyber and information security issues
  • Maintain comprehensive oversight of cyber risk posture through continuous monitoring of metrics, activity, and corrective action plan execution
  • Prepare and present clear, concise updates on emerging cyber risks, control effectiveness, and strategic enhancements to senior management and governance committees
  • Ensure rigorous adherence to information security policies and regulatory requirements, including maintaining a robust Manager’s Control Assessment (MCA) for Cyber & Information Security
  • Serve as a primary liaison for all internal and external audit engagements related to Cyber & Information Security
  • Lead and mentor a team focused on cyber risk assessment, regulatory compliance, and efficient reporting and resolution of security-related matters
What we offer
What we offer
  • Generous holiday allowance starting at 27 days plus bank holidays
  • increasing with tenure
  • A discretional annual performance related bonus
  • Private medical insurance packages to suit your personal circumstances
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Access to an array of learning and development resources
  • Fulltime
Read More
Arrow Right

Cyber and Information Security Risk Manager, Senior Vice President

This role is critical for safeguarding the bank's financial stability and sustai...
Location
Location
United Kingdom , Belfast
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of progressive experience in Cyber & Information Security Risk Management, IT Risk, Security Compliance, or IT Audit, with significant experience in a financial services environment
  • Demonstrated expertise in identifying, assessing, measuring, monitoring, and reporting on complex cyber and information security risks
  • Proven track record of designing and leading initiatives to enhance security controls and processes
  • Extensive experience collaborating with and managing expectations of diverse stakeholders, including business unit leaders, technical teams, and 2nd and 3rd line functions (e.g., Information Security Compliance, Operational Risk, Internal Audit, Regulators)
  • Strong understanding of evolving cyber threat landscapes, regulatory requirements (e.g., NIST, ISO 27001, GLBA), and industry best practices
  • Proficient in maintaining risk and control frameworks, including Manager’s Control Assessment (MCA), specifically for Cyber & Information Security risks
  • Exceptional communication and presentation skills, with the ability to articulate complex cyber risk concepts and their business impact to senior management and governance committees
  • Ability to act as a primary liaison for all audit and regulatory engagements pertaining to Cyber & Information Security
  • Strong leadership capabilities with experience in leading and mentoring risk management professionals
  • Bachelor's degree required
Job Responsibility
Job Responsibility
  • Proactively identify and assess evolving Cyber & Information Security risks across the business and technology landscape
  • Design and lead strategic initiatives to enhance cyber and information security controls and processes, ensuring alignment with risk appetite
  • Collaborate effectively with business unit leaders and diverse stakeholders to embed robust cyber risk management practices into business operations
  • Partner with 2nd line functions (e.g., Information Security Compliance, Operational Risk Management) to interpret and apply cyber risk requirements and policies accurately
  • Engage with 3rd line functions (e.g., Internal Audit, Compliance Assurance) to facilitate independent assessments, address findings, and drive resolution of cyber and information security issues
  • Maintain comprehensive oversight of cyber risk posture through continuous monitoring of metrics, activity, and corrective action plan execution
  • Prepare and present clear, concise updates on emerging cyber risks, control effectiveness, and strategic enhancements to senior management and governance committees
  • Ensure rigorous adherence to information security policies and regulatory requirements, including maintaining a robust Manager’s Control Assessment (MCA) for Cyber & Information Security
  • Serve as a primary liaison for all internal and external audit engagements related to Cyber & Information Security
  • Lead and mentor a team focused on cyber risk assessment, regulatory compliance, and efficient reporting and resolution of security-related matters
What we offer
What we offer
  • Generous holiday allowance starting at 27 days plus bank holidays
  • increasing with tenure
  • A discretional annual performance related bonus
  • Private medical insurance packages to suit your personal circumstances
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Access to an array of learning and development resources
  • Fulltime
Read More
Arrow Right

Supplier Cyber Security Specialist - Third Party Risk Management

We are seeking a seasoned cyber security professional to lead the Vulnerability ...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Possess over 10 years of IT experience with a strong focus on cyber security, vulnerability management, and remediation
  • Proficient in tools such as QualysGuard VMDR, WAS, and cloud scanning solutions
  • Skilled in web application penetration testing and knowledgeable in OWASP, Kali Linux, Burp Suite, CVE, SSL PKI, IAM, SIEM, and perimeter security
  • Experienced in managing large-scale vulnerability scanning operations and reporting
  • Strong stakeholder management and communication skills
  • Solid understanding of networking and cyber security policies, standards, and procedures
Job Responsibility
Job Responsibility
  • Lead the Vulnerability Management and Responsible Disclosure team to strengthen Vodafone’s cyber defence capabilities
  • Drive vulnerability management initiatives, ensuring timely identification, communication, and remediation of threats
  • Oversee penetration testing activities related to responsible disclosures and support incident response during crises
  • Research emerging threats, including zero-day vulnerabilities, and ensure targeted scans and mitigation actions
  • Champion continuous improvement through automation and cross-functional collaboration
  • Act as a technical expert in security scanning and penetration testing
  • Foster team development through individual growth plans and maintain high engagement levels
  • Contribute to administrative and delivery initiatives across domains
What we offer
What we offer
  • Opportunity to lead a high-impact domain within a global cyber security function
  • Exposure to cutting-edge vulnerability management tools and practices
  • Collaboration with international teams and stakeholders across Vodafone markets
  • A chance to influence Vodafone’s cyber risk strategy and operational resilience
  • A dynamic and inclusive work environment that values innovation and continuous improvement
  • Fulltime
Read More
Arrow Right

Supplier Cyber Security Specialist - Third Party Risk Management

We are seeking a seasoned cyber security professional to lead the Vulnerability ...
Location
Location
India , Pune
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Possess over 10 years of IT experience with a strong focus on cyber security, vulnerability management, and remediation
  • Proficient in tools such as QualysGuard VMDR, WAS, and cloud scanning solutions
  • Skilled in web application penetration testing and knowledgeable in OWASP, Kali Linux, Burp Suite, CVE, SSL PKI, IAM, SIEM, and perimeter security
  • Experienced in managing large-scale vulnerability scanning operations and reporting
  • Strong stakeholder management and communication skills
  • Solid understanding of networking and cyber security policies, standards, and procedures
Job Responsibility
Job Responsibility
  • Lead the Vulnerability Management and Responsible Disclosure team to strengthen Vodafone’s cyber defence capabilities
  • Drive vulnerability management initiatives, ensuring timely identification, communication, and remediation of threats
  • Oversee penetration testing activities related to responsible disclosures and support incident response during crises
  • Research emerging threats, including zero-day vulnerabilities, and ensure targeted scans and mitigation actions
  • Champion continuous improvement through automation and cross-functional collaboration
  • Act as a technical expert in security scanning and penetration testing
  • Foster team development through individual growth plans and maintain high engagement levels
  • Contribute to administrative and delivery initiatives across domains
What we offer
What we offer
  • Opportunity to lead a high-impact domain within a global cyber security function
  • Exposure to cutting-edge vulnerability management tools and practices
  • Collaboration with international teams and stakeholders across Vodafone markets
  • A chance to influence Vodafone’s cyber risk strategy and operational resilience
  • A dynamic and inclusive work environment that values innovation and continuous improvement
  • Fulltime
Read More
Arrow Right

Risk Manager - Tech and Cyber Risk

Support the Senior Risk Manager – Tech & Cyber Risk and Head of Operational Risk...
Location
Location
United Kingdom , Birmingham
Salary
Salary:
Not provided
socialvalueportal.com Logo
Social Value Portal Ltd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Knowledge and experience of risk management frameworks and tools with proven technology and cyber risk expertise
  • Experience of working in a global and fast paced business environment is essential
  • Degree level educated or an equivalent combination of education training and experience with security frameworks and industry standards
  • Relevant professional qualification (e.g., IRM International Certificate in Operational Risk, Practitioner Certificate in Information Management, etc.)
  • Proven technology and cyber risk expertise, preferably with a strong understanding of the Lloyd's or wider company insurance market and framework
  • Understanding of the commercial drivers and dynamics affecting risk decisions in the insurance sector, as well as operational and risk processes associated with an international insurance group
  • Ability to build strong partnering relationships with a wide range of stakeholders
  • Ability to interact professionally and with credibility and manage expectations of management and key stakeholders
  • Ability to manage time, meet deadlines and prioritise
  • Able to communicate effectively with others
Job Responsibility
Job Responsibility
  • Support the Senior Risk Manager – Tech & Cyber Risk and Head of Operational Risk in the oversight and management of technology and cyber risk management activities, as well as wider operational risk matters across the Group
  • Support the Senior Risk Manager – Tech & Cyber Risk in facilitating regular Risk & Control Self Assessments (RCSAs) with first line risk owners and stakeholders
  • Support the Senior Risk Manager – Tech & Cyber Risk in implementing and maintaining a robust control environment
  • Provide oversight and challenge of Beazley's first line process around technology and cyber risk
  • Produce risk reporting and opinions, including deep dive reviews on hot topics influencing Beazley's technology and cyber risk profile
  • Support the Senior Risk Manager – Tech & Cyber Risk and Head of Operational Risk in designing, writing and implementing frameworks, policies, procedures and processes
  • Provide critical appraisal of the control environment proposed by the business with reference to the agreed risk appetite
  • Liaise with first line business stakeholders and risk owners to capture new risks and review controls
  • Assist in the preparation of risk management material for internal and external presentations
  • Assist in the provision of induction training to all relevant employees
  • Fulltime
Read More
Arrow Right

Risk Manager - Tech and Cyber Risk

Support the Senior Risk Manager – Tech & Cyber Risk and Head of Operational Risk...
Location
Location
United Kingdom , Birmingham
Salary
Salary:
Not provided
socialvalueportal.com Logo
Social Value Portal Ltd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Knowledge and experience of risk management frameworks and tools with proven technology and cyber risk expertise
  • Experience of working in a global and fast paced business environment is essential
  • Degree level educated or an equivalent combination of education training and experience with security frameworks and industry standards
  • and/or
  • Relevant professional qualification (e.g., IRM International Certificate in Operational Risk, Practitioner Certificate in Information Management, etc.)
  • Proven technology and cyber risk expertise, preferably with a strong understanding of the Lloyd's or wider company insurance market and framework
  • Understanding of the commercial drivers and dynamics affecting risk decisions in the insurance sector, as well as operational and risk processes associated with an international insurance group
  • Ability to build strong partnering relationships with a wide range of stakeholders
  • Ability to interact professionally and with credibility and manage expectations of management and key stakeholders
  • Ability to manage time, meet deadlines and prioritise
Job Responsibility
Job Responsibility
  • Support the Senior Risk Manager – Tech & Cyber Risk in facilitating regular Risk & Control Self Assessments (RCSAs) with first line risk owners and stakeholders, ensuring the assessments are performed and documented accordingly
  • Support the Senior Risk Manager – Tech & Cyber Risk in implementing and maintaining a robust control environment that is owned and documented by first line business control owners and stakeholders
  • Provide oversight and challenge of Beazley's first line process around technology and cyber risk, including areas such as IT and cybersecurity business continuity, IT resilience, digital risk and operational transformation, capital modelling and business planning
  • Produce risk reporting and opinions, including deep dive reviews on hot topics influencing Beazley's technology and cyber risk profile to support reporting to internal and external stakeholders
  • Support the Senior Risk Manager – Tech & Cyber Risk and Head of Operational Risk in designing, writing and implementing frameworks, policies, procedures and processes where required
  • Provide critical appraisal of the control environment (including Risk MI) proposed by the business with reference to the agreed risk appetite
  • Liaise with first line business stakeholders and risk owners to capture new risks (including emerging risks) and review controls proposed by first line control owners and stakeholders
  • Assist in the preparation of risk management material for internal and external presentations where necessary
  • Assist in the provision of induction training to all relevant employees
  • Ensure close collaboration with Risk Management colleagues, supporting in the execution of key deliverables and projects as required
  • Fulltime
Read More
Arrow Right

Risk Manager - Tech and Cyber Risk

Support the Senior Risk Manager – Tech & Cyber Risk and Head of Operational Risk...
Location
Location
United Kingdom , Birmingham
Salary
Salary:
Not provided
socialvalueportal.com Logo
Social Value Portal Ltd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Knowledge and experience of risk management frameworks and tools with proven technology and cyber risk expertise
  • Experience of working in a global and fast paced business environment is essential
  • Degree level educated or an equivalent combination of education training and experience with security frameworks and industry standards
  • and/or Relevant professional qualification (e.g., IRM International Certificate in Operational Risk, Practitioner Certificate in Information Management, etc.)
  • Proven technology and cyber risk expertise, preferably with a strong understanding of the Lloyd’s or wider company insurance market and framework
  • Understanding of the commercial drivers and dynamics affecting risk decisions in the insurance sector, as well as operational and risk processes associated with an international insurance group
  • Ability to build strong partnering relationships with a wide range of stakeholders
  • Ability to interact professionally and with credibility and manage expectations of management and key stakeholders
  • Ability to manage time, meet deadlines and prioritise
  • Able to communicate effectively with others
Job Responsibility
Job Responsibility
  • Support the Senior Risk Manager – Tech & Cyber Risk and Head of Operational Risk in the oversight and management of technology and cyber risk management activities, as well as wider operational risk matters across the Group
  • Support the Senior Risk Manager – Tech & Cyber Risk in facilitating regular Risk & Control Self Assessments (RCSAs) with first line risk owners and stakeholders
  • Support the Senior Risk Manager – Tech & Cyber Risk in implementing and maintaining a robust control environment
  • Provide oversight and challenge of Beazley’s first line process around technology and cyber risk
  • Produce risk reporting and opinions, including deep dive reviews on hot topics influencing Beazley’s technology and cyber risk profile
  • Support the Senior Risk Manager – Tech & Cyber Risk and Head of Operational Risk in designing, writing and implementing frameworks, policies, procedures and processes where required
  • Provide critical appraisal of the control environment proposed by the business with reference to the agreed risk appetite
  • Liaise with first line business stakeholders and risk owners to capture new risks and review controls
  • Assist in the preparation of risk management material for internal and external presentations
  • Assist in the provision of induction training to all relevant employees
  • Fulltime
Read More
Arrow Right

Vp Of Information Security & Risk Management

We are looking for an accomplished security executive to lead the organization’s...
Location
Location
United States , Nashville
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive leadership experience in information security, cybersecurity, risk management, or a closely related executive function
  • Demonstrated success creating enterprise security strategies and translating them into scalable programs and operational results
  • Strong knowledge of governance, risk, and compliance practices, including policy development, control oversight, and audit support
  • Experience leading executive-level incident response coordination and working across technical and business teams during high-impact events
  • Ability to engage effectively with senior leadership, clients, vendors, legal teams, and cross-functional stakeholders on security and risk matters
  • Familiarity with core security technologies and concepts, including network security tools such as Cisco ASA Firewall and broader cyber defense practices
  • Proven leadership capabilities in building teams, developing talent, and driving accountability within complex organizational environments
  • Working knowledge of IT strategy and the ability to collaborate within Agile Scrum or similarly structured delivery environments
Job Responsibility
Job Responsibility
  • Develop and lead a company-wide information security and risk management roadmap that supports strategic business objectives and long-term growth
  • Convert executive priorities into practical security programs, measurable initiatives, and effective control frameworks across the enterprise
  • Establish meaningful performance and risk metrics to evaluate security maturity, track progress, and inform leadership decisions
  • Direct governance, risk, and compliance activities by maintaining policies, standards, and control practices that meet regulatory and organizational expectations
  • Oversee audit preparation, regulatory reviews, and corrective action plans to ensure timely remediation and sustained compliance
  • Provide executive leadership during cybersecurity incidents by guiding escalation, communication, containment, and recovery efforts
  • Lead senior security teams responsible for monitoring threats, managing vulnerabilities, and reducing enterprise risk through coordinated operational execution
  • Represent the organization in security-related discussions with clients, vendors, and business partners, including assessments, due diligence, and contractual security matters
  • Build and develop a high-performing security leadership structure by mentoring managers and directors, setting priorities, and aligning resources to business needs
What we offer
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan
  • Fulltime
Read More
Arrow Right