Who is Mastercard?
Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential.
Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all.
Mission First, People Always
As Corporate Security, we are responsible for keeping Mastercard safe and secure from cyber and physical threats, and it is our people on the frontlines who make this happen every day.
By taking care of our people, their wellbeing, and career development, we provide them the necessary tools and environment to ensure the success of our mission.
The Enterprise Security Architecture and Innovation team is looking for a Senior Information Security Engineer to join our team to work closely with Network and Security Engineering, Cloud Security, and Enterprise Application teams to design, build and deliver technology solutions and drive alignment to Mastercard policies and standards. This person will evaluate system and application architectures, data flow requirements, and research areas of risk as it relates to software and infrastructure implementations. The role requires the ability to influence and collaborate across a diverse group of internal stakeholders, effectively managing multiple priorities, demands, and possess a deep understanding of networks and systems in both on-premises and cloud environments.
In This Role, The Senior Security Engineer Will
Manage security assessment engagements that include the analysis of solution designs, data flow diagrams, software business cases, implementation plans, and network changes.
Provide security engineering support for Mastercard's technology imperatives that include the build-out of new data centers.
Identify opportunities for automating assessment workflows and assist with the development of scripts.
Analyze new and existing technologies and provide recommendations for areas of security risk and alignment to Mastercard s policies and technical standards.
Collaborate with other corporate security teams to evaluate new technologies and defining security requirements.
All About You
The ideal candidate for this position should:
Be a self-starter who is able to prioritize and work independently
Have a passion to learn about new technologies, and progressively takes initiative to develop that expertise
Be able to demonstrate technical competency in security engineering based on hands-on experience or relevant qualifications
Have a solid understanding of firewalls, networking, threat prevention and detection, and application security principles
Have hands-on experience evaluating data flows, firewall policies, and access control lists
Be able to support maintenance windows outside of regular business hours (once or twice per month)
Have hands-on experience developing scripts, working with structured data formats such as YAML and JSON, and code version control systems such as GIT or Bitbucket
Have working knowledge and application of industry standards for security controls, and hardening systems and software
Have effective communication and project management skills with the ability to manage multiple engagements with diverse technical teams
National Initiative for Cybersecurity Education (NICE) competency proficiency levels of limited in leadership, limited to developing in operational and professional, and developing to proficient in technical.
This Mastercard role shares KSAs with related NICE work roles
Corporate Security Responsibility
All Activities Involving Access To Mastercard Assets, Information, And Networks Comes With An Inherent Risk To The Organization And Therefore, It Is Expected That The Successful Candidate For This Position Must
Every person working for, or on behalf of, Mastercard is responsible for information security.
Abide by Mastercard s security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard s guidelines."
Basic Qualification :
Additional Skills :
Hybrid- 2 Days Onsite, Rest Remote (we have flex on the days they come in- have team meeting on Tuesdays so prefer them to be onsite those days) NO RELOCATION CANDIDATES!! Support Hours- when they run into issues where they cant make changes during normal business hours, they will schedule a window on the weekend or outside of EST hours. This is a rare occurrence. Reviews Connectivity Requests, Policies and identify any potential red flags or policy violations This role requires someone to assist with those reviews We are looking for some automation experience so we can take these requests and integrate with API and help with some of the scripting to enable that automation We are currently building out Looking for fundamental networking and security experience It is a mid-level role so not deep analysis but enough to understand protocols and look at architecture diagrams and be able to help with automation, scripting, working with APIs, understanding various data formats like Json etc. Understanding of securities and firewalls and how they work will be needed for this role If they have some java that would be helpful but integration with API is the primary skillset