Mastercard Jobs

Job Information

MasterCard Principal Security Engineer in California

Our Purpose

We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion (https://www.mastercard.us/en-us/vision/who-we-are/diversity-inclusion.html) for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.

Job Title

Principal Security Engineer

Mastercard is a global technology company developing the next generation of applications and services in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential.

Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all.

Overview:

The Business Security Enablement (BSE) team is seeking a Principal Engineer with Security, Cloud and Kubernetes experience to join our team in North America working closely with a new acquisition. The Business Security Enablement guild is a worldwide team of information security experts focused on helping Mastercard achieve its goals by ensuring security is at the heart of everything we do. Mastercard is researching and developing the next generation of products, services, and solutions at scale to enable consumers to conduct transactions securely, efficiently, and intelligently far beyond traditional payment cards that you may know us for.

• Can you demonstrate a high level of expertise in information security and secure development disciplines?

• Can you provide expertise on how to securely implement systems in cloud environments using Application Frameworks & Bootstrapping, Standard CI/CD Pipelines, Developer Tooling & Environments, Cloud Agnostic Declarative Provisioning of Infrastructure and Application Resources

Responsibilities

As the Principal Security Engineer for Mastercard’s, you will be the technical security expert supporting the deployment and development of secure products and environments.

• Drive the delivery of best-of-breed architecture patterns, solutions, and engineering practices

• Lead by example with hands-on approaches to demonstrate engineering excellence

• Mentor and guide software engineers and lead the team to improve engineering productivity, quality, and technology policy compliance

• Actively engage with business/product owners to plan, architect, and deliver new services, products, and bundles

• Advocate for Mastercard Engineering Principles, development standards, and Corporate Security guidelines

• Consult across teams and across program lines to identify synergies and reuse opportunities

• Provide technical design and architecture advice to internal teams on how to securely develop and build applications and services

• Ensure information security and regulatory requirements are effectively integrated into new or improved systems.

• Review and influence the security of vendor-provided applications and systems to ensure they meet our security objectives and can be implemented securely.

• Provide security advice on cryptography to ensure full confidence in the integrity and security of transactions and data.

• Mature Mastercard's security and development processes so that security continues to be a core component for all development staff, throughout the development lifecycle.

• Utilize security experience and knowledge to cultivate and maintain effective working relationships with a variety of Internal Mastercard and External stakeholders, including business owners, end-users, customers, project managers, engineers, and senior management.

• Articulate and communicate security and risk management terminology into business terms and recommend alternative solutions to both senior management and customers.

All About You

• Experienced Engineer/Architect with deep domain knowledge and expertise in DevSecOps/CI-CD, Software Engineering, API's and Cloud Engineering

• A proven track history in leading the design and execution of the software delivery process automation across multiple business domains

• A deep understanding of GCP and AWS Cloud platforms with applied expertise in automated operations and securing Cloud environments for production workloads, ideally in regulated environments

• Demonstrates advanced skill in containerization and associated technologies

• Advanced automation/configuration management, deployment strategy, and logging and monitoring practices for high availability

• Provide guidance across the enterprise on industry best practices and tools; apply expertise of scalable and resilient architecture patterns

• Leads by example in establishing enterprise-wide standards for application integration and identifies/anticipates future requirements to support business needs

• Knowledge of relevant industry standards and guidelines such as ISO27001, PCI-DSS, NIST SP800-53

• Deep knowledge and technical security experience in cryptography, including several of the following: encryption, hashing, key management, digital certificates, TLS.

• Experience with threat modeling or other risk identification techniques.

• Strong understanding of information security, risk, and data privacy within the domain of digital commerce including relevant practical experience

• Ability to articulate and communicate effectively to diverse audiences and properly translates security and risk management terminology into business terms, and recommends alternative solutions to these stakeholders

• Strong verbal and written communication skills

In the US, Mastercard is an inclusive Equal Employment Opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. If you require accommodations or assistance to complete the online application process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

  • Abide by Mastercard’s security policies and practices;

  • Ensure the confidentiality and integrity of the information being accessed;

  • Report any suspected information security violation or breach, and

  • Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

Everyone wants easier ways to pay;

we invent them.

Checkout lines are slow;

we speed them along.

Merchants want more sales;

we give them data and insights.

People need financial access;

we connect them.

Corporate purchasing is complicated;

we make it simple.

Commuters are busy;

we speed them on their way.

Governments need greater efficiencies;

we help create them.

Small businesses are virtual;

we give them access to a world of buyers.

Retailers want to fight fraud;

we provide the tools.

Requisition ID: R-182342

DirectEmployers