Lead and execute security control testing across Vocalink, identify control gaps, support remediation tracking, supervise junior testers, liaise with 2nd Line and Internal Audit, contribute to testing standards and reporting, and promote continuous improvement in cybersecurity risk management.
Our Purpose
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Title and Summary
1st Line Security Control Testing Manager
Main Purpose of role
The newly created Vocalink Control Office function is seeking Manager within the 1st Line Control Testing team to support the delivery of control testing activities across Security control domains, within Vocalink Limited (VLL). VLL is a Bank of England regulated, Critical National Infrastructure (CNI) company that enables the payments of 90% of salaries, 70% of utility bills, most ATM transactions and every cheque cleared in the UK.
This role plays a key part in embedding a strong control environment by executing control testing, identifying control gaps, and supporting continuous improvement in risk management practices.
Key Responsibilities:• Control Testing Execution• Conduct periodic testing of key and non-key controls in line with the Control Testing Methodology.• Evaluate compliance with internal policies, standards, regulatory requirements, and customer obligations.• Prepare and review control testing documentation, including test procedures, results, and identified gaps.• Ensure timely escalation of control deficiencies and support remediation tracking.• Team Leadership, Collaboration & Stakeholder Engagement• Supervise and mentor junior team members (Senior Analysts), providing guidance on testing execution and quality assurance.• Support the Director of Control Testing in delivering the annual testing plan and contributing to team development.• Engage with 1st Line teams while coordinating closely with 2nd Line partners and maintaining effective liaison with Internal Audit.• Contribute to reporting for governance forums, including dashboards, thematic reviews, and trend analysis.• Partner with control owners, providing guidance on control effectiveness and remediation.• Governance & Continuous Improvement• Support the development and refinement of control testing standards, tools, and methodologies.• Contribute to the maturity of the 3 Lines of Defence model and promote a culture of proactive risk management.• Stay informed on emerging risks, regulatory changes, and industry best practices with a focus on cybersecurity risks.
Knowledge, Skills and Expertise (technical / role specific)
Experience & Qualifications • Experience in control testing, or assurance, and risk management within security in a regulated environment.• Strong investigative and analytical experience (e.g. enquiry, analysis, interviewing, testing), problem-solving, and decision-making skills.• Strong understanding of control frameworks and standards (e.g., NIST, CRI, ISO and PCI-DSS).• Ability to assess control design and operating effectiveness in complex environments and to identify control gaps and improvement opportunities.• Excellent communication and stakeholder engagement skills.• Professional certifications such as CISA, CISM, CISSP, CRISC, ISO 27001 or equivalent is desirable.
Preferred Skills & Attributes • Bachelor's degree in computer science, Cyber Security, Information Technology, or related field.• Good Knowledge of security controls and IT general controls across platforms such as UNIX, HP Nonstop, and Windows.• Understanding software development lifecycle (SDLC), DevOps, and cloud technologies.• Proficiency in data analytics tools such as ACL or similar control testing tools.• Proficiency in Microsoft Office Suite (MS Word, MS Excel, MS Access and MS PowerPoint)• Strong organisational skills with the ability to prioritise and manage multiple tasks.• Self-starter with a continuous improvement mindset and a collaborative approach
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Title and Summary
1st Line Security Control Testing Manager
Main Purpose of role
The newly created Vocalink Control Office function is seeking Manager within the 1st Line Control Testing team to support the delivery of control testing activities across Security control domains, within Vocalink Limited (VLL). VLL is a Bank of England regulated, Critical National Infrastructure (CNI) company that enables the payments of 90% of salaries, 70% of utility bills, most ATM transactions and every cheque cleared in the UK.
This role plays a key part in embedding a strong control environment by executing control testing, identifying control gaps, and supporting continuous improvement in risk management practices.
Key Responsibilities:• Control Testing Execution• Conduct periodic testing of key and non-key controls in line with the Control Testing Methodology.• Evaluate compliance with internal policies, standards, regulatory requirements, and customer obligations.• Prepare and review control testing documentation, including test procedures, results, and identified gaps.• Ensure timely escalation of control deficiencies and support remediation tracking.• Team Leadership, Collaboration & Stakeholder Engagement• Supervise and mentor junior team members (Senior Analysts), providing guidance on testing execution and quality assurance.• Support the Director of Control Testing in delivering the annual testing plan and contributing to team development.• Engage with 1st Line teams while coordinating closely with 2nd Line partners and maintaining effective liaison with Internal Audit.• Contribute to reporting for governance forums, including dashboards, thematic reviews, and trend analysis.• Partner with control owners, providing guidance on control effectiveness and remediation.• Governance & Continuous Improvement• Support the development and refinement of control testing standards, tools, and methodologies.• Contribute to the maturity of the 3 Lines of Defence model and promote a culture of proactive risk management.• Stay informed on emerging risks, regulatory changes, and industry best practices with a focus on cybersecurity risks.
Knowledge, Skills and Expertise (technical / role specific)
Experience & Qualifications • Experience in control testing, or assurance, and risk management within security in a regulated environment.• Strong investigative and analytical experience (e.g. enquiry, analysis, interviewing, testing), problem-solving, and decision-making skills.• Strong understanding of control frameworks and standards (e.g., NIST, CRI, ISO and PCI-DSS).• Ability to assess control design and operating effectiveness in complex environments and to identify control gaps and improvement opportunities.• Excellent communication and stakeholder engagement skills.• Professional certifications such as CISA, CISM, CISSP, CRISC, ISO 27001 or equivalent is desirable.
Preferred Skills & Attributes • Bachelor's degree in computer science, Cyber Security, Information Technology, or related field.• Good Knowledge of security controls and IT general controls across platforms such as UNIX, HP Nonstop, and Windows.• Understanding software development lifecycle (SDLC), DevOps, and cloud technologies.• Proficiency in data analytics tools such as ACL or similar control testing tools.• Proficiency in Microsoft Office Suite (MS Word, MS Excel, MS Access and MS PowerPoint)• Strong organisational skills with the ability to prioritise and manage multiple tasks.• Self-starter with a continuous improvement mindset and a collaborative approach
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
- Abide by Mastercard's security policies and practices;
- Ensure the confidentiality and integrity of the information being accessed;
- Report any suspected information security violation or breach, and
- Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.
Top Skills
Nist,Cri,Iso,Pci-Dss,Unix,Hp Nonstop,Windows,Sdlc,Devops,Cloud,Acl,Ms Word,Ms Excel,Ms Access,Ms Powerpoint
Mastercard London, England Office
1 Angel Lane, London, United Kingdom, EC4R 3AB
Similar Jobs at Mastercard
Blockchain • Fintech • Payments • Consulting • Cryptocurrency • Cybersecurity • Quantum Computing
The role involves managing partnership operations, reporting, supporting strategic partnerships, optimizing performance and collaborating cross-functionally. Requires experience in fintech, payments, and stakeholder management.
Top Skills:
Payment GatewaysSalesforceTableau
22 Minutes Ago
Blockchain • Fintech • Payments • Consulting • Cryptocurrency • Cybersecurity • Quantum Computing
The internship focuses on business development, program management, and product management, requiring project coordination and analysis for business growth. Interns will engage in market analysis, project planning, and cross-functional collaboration.
Top Skills:
Microsoft AccessExcelMicrosoft PowerpointMicrosoft Word
Blockchain • Fintech • Payments • Consulting • Cryptocurrency • Cybersecurity • Quantum Computing
Responsible for driving sales growth for CNPF, designing sales frameworks, reporting, and managing a dedicated sales team. Focus on business efficiency and effectiveness across various business lines.
What you need to know about the London Tech Scene
London isn't just a hub for established businesses; it's also a nursery for innovation. Boasting one of the most recognized fintech ecosystems in Europe, attracting billions in investments each year, London's success has made it a go-to destination for startups looking to make their mark. Top U.K. companies like Hoptin, Moneybox and Marshmallow have already made the city their base — yet fintech is just the beginning. From healthtech to renewable energy to cybersecurity and beyond, the city's startups are breaking new ground across a range of industries.
