Director, Controls & Issue Advisory

The Director, Controls and Issues Advisory will lead the team to promote controls and issues management excellence and provide expert advice across Vocalink.

• Lead the team's approach to analysing existing controls, identifying gaps and providing control and issue advice to 1LOD functions in line with Vocalink Limited's Enterprise Risk Management Framework.
• Review new and amended controls and issues to ensure fitness for purpose ahead of implementation, in line with agreed processes.
• Drive the Controls Issue and Advisory team to deliver proactive support and constructive challenge to 1st line teams, to promote continuous improvement on controls and issues.
• Support the implementation of applicable procedures to enable effective 1LOD adoption of Vocalink's control and Issue management policies and processes.
• Manage and maintain the focused Controls Library domain (L1-L3) on behalf of Vocalink.
• Complete control effectiveness assessments to provide continuous assurance.
• Provide issues triage, track and monitor issues management (including internal/external audits) and undertake closure validation.
• Recommend and support the implementation of improvements to the control environment, including exploring control and control testing automation.
• Develop and maintain strong, collaborative working relationships with stakeholders at all levels of the organisational hierarchy (function, entity and group).
• Develop and implement strategies to enhance the management of issues and controls across all first line teams.
• Participate in Risk and Control Self-Assessment (RCSA) processes to ensure required actions on controls and issues are identified and progressed.
• Work with 2nd line risk teams to collaboratively deliver continuous improvement across 1st line teams.
• Support the Head of Controls Office: Drive delivery of priorities requiring support as needed and deputise as appropriate, including in key senior committees (e.g. operational resilience and corporate security).

• A proven record of success as a risk and controls leader in a risk partnering or similar capacity.
• Significant experience in applying operational risk frameworks and risk assessment methodologies.
• Detailed understanding of internal controls frameworks.
• Experience of managing or playing a leading role in the RCSA process, ideally in a banking, financial services, IT or payments context.
• Experience of working with any of the following disciplines, not necessarily in a financial services environment: Technology (e.g. Hardware and Software engineering), Operations (e.g. incident, change and problem management), Information Security (e.g. SOC, vulnerability mgmt. etc), or Operational Resilience (e.g. Third-party management, scenario analysis etc).
• Excellent written and verbal communication skills.
• Strong analytical, reporting and presentation skills.
• Ability to engage, influence and challenge stakeholders at all levels of an organisation, highly effectively.
• Ability to motivate, inspire and lead people effectively, both to deliver BAU and change.
• A proven record of driving robust and timely delivery of activities.

• An understanding of key technology risk and information security related industry frameworks and supporting guidelines (e.g. ISO/IEC27001 and ISO/IEC27002, COBIT, ITIL, NIST).
• Experience of working across various lines of defence.
• Experience within Critical National Infrastructure responsible organisations.

• Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must