Our Purpose

We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.

Title And Summary

Lead Information Security Engineer (Azure)

The Lead Cloud Security Engineer will design and implement security solutions in support of Mastercard’s cloud security strategy. This position will focus on enabling business opportunities by ensuring the secure deployment of Mastercard applications and services.

Questions

• Can you demonstrate a good working level of knowledge in information security principles, theories and concepts?
• Can you collaborate with and influence cross-functional teams to securely develop, build, and deploy cloud native and multi-cloud applications and infrastructure?
• Can you perform security analysis of application architectures and cloud services; identifying methods to mitigate threats, attacks and risks to payment applications?
  
  
  

Role

• Leads the designing, testing, and implementation of complex security solutions to meet security and regulatory requirements for cloud environments
• Consults with development and operational teams to securely design applications and services following industry best practices
• Cultivates and maintains effective working relationships with a variety of internal Mastercard stakeholders, including business owners, end-users, customers, project managers, and engineers
• Performs technology evaluations, supporting business case development, test case definition, and vendor selection based on industry standard criteria
  
  
  

All About You

• Advanced knowledge of information security, risk management, and data privacy within the domain of digital commerce including relevant practical experience.
• Advanced knowledge of security capabilities and constraints related to native Azure and AWS services, including relevant practical experience
• Good understanding of firewalls, threat prevention and detection, and application security principles
• Good understanding of applied cryptography and Public Key Infrastructures (PKI)
• Good understanding of identity management, user authentication and authorization principles
• Demonstrated technical competency in security engineering based on hands-on experience or relevant qualifications
• Demonstrated effectiveness working in a global environment
• Ability to communicate effectively (both oral and written) and develop solid working relationships across multiple levels and organization boundaries
  
  
  

NICE Framework References

• National Initiative for Cybersecurity Education (NICE) competency proficiency levels of limited in leadership, limited to developing in operational and professional, and developing to proficient in technical.
• This Mastercard role shares KSAs with related NICE work roles (https://www.nist.gov/itl/applied-cybersecurity/nice/nice-framework-resource-center/workforce-framework-cybersecurity-nice)
• SP-DEV-002, OPM622, Secure Software Assessor
• SP-ARC-002, OPM652, Security Architect
• SP-TRD-001, OPM661, Research & Development Specialist
• SP-SRP-001, OPM641, Systems Requirements Planner
• SP-SYS-001, OPM631, Information Systems Security Developer
  
  
  

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard’s security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.