Mastercard Jobs

Job Information

MasterCard PSO (Protective Security Officer) in London, United Kingdom

Our Purpose

We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion (https://www.mastercard.us/en-us/vision/who-we-are/diversity-inclusion.html) for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.

Job Title

PSO (Protective Security Officer)

Who is Mastercard?

Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential.

Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all.

Overview

The Mastercard RTP Cyber Security team is looking for a Protective Security Officer. Your responsibility will be to drive, operationalise and report on all matters relating to Protective Security to help ensure the organisation mitigate security risks and maintain compliance with the act. The Protective Security Officer role will be responsible for setting out the overall strategy, implementation and management in regards to the Swedish Protective Security Act as it applies to P27 Nordic Payments.

The Swedish Protective Security Act is a security law that aims to protect critical activities, assets, and infrastructure against espionage, cyberattacks, sabotage, terrorism, and other threats. The Act covers any organization conducting "security-sensitive activities that are critical to Sweden’s national infrastructure.

Role

• Lead, drive and control the activities for proactive and systematic protective security.

• Managing the day-to-day delivery of the Corporate Security plan, addressing any conflicts, prioritization and rescheduling of activities and/or milestones and escalations to the RTP Business Security Officer.

• Develop a strong understanding of the cross border services and applications to provide appropriate security decisions and advice.

• Providing security support for customer meetings.

• Delivering/ reporting of compliance metrics and tracking key remediation/improvement of security to ensure they are delivering to the contractual obligations.

• Lead complex compliance testing across the organisation periodically as agreed with regulators & customer.

• Lead complex remediation/improvement activities across the organisation.

• Apply technical capabilities within own discipline and use expert knowledge to support the delivery team solve and evolve implementation solutions.

• Liaise with business leaders to proactively identify the Security impact of implementations across the organization.

• Liaise among the information security team and corporate compliance, audit, legal and HR management teams as required.

• Ensure ongoing compliance to Protective Security Instructions as they pertain to the Swedish Protective Security Act. Lead regular stakeholder meetings to facilitate open, efficient communication. Lead technical collaboration with other teams. Assist in security Metrics and Maturity – Provide and track Dashboard / Reports as per defined parameters

All About You

In this role you will need to be able to do, and have experience of, the following:

• Ability to improve efficiency through both process and technical enhancements.

• Experience reviewing compliance evidence and communicating findings to owners.

• Knowledge of global Security and reporting standards such as NIST, CRI, IOSCO, PCI, ISO and MITRE.

• Knowledge of Swedish Financial Supervisory Authority (SFSA) and Swedish Protective Security Act beneficial.

• Strategic mind-set supported by ability to deliver in a complex technical environment.

• Managing complex cross-functional projects, teams or committees.

• Collaborating cross-functionally to identify and implement best practice Security, across all aspects of Security.

• Working with industry and regulatory frameworks and standards.

• Relevant years of experience with protective security in regulated industries i.e. Finance, Government Agency, ISP or Energy advantageous.

• At least 3 years of ISO/IEC 27001 audit or implementation experience.

• Proven track record in planning, designing and implementing an ISMS as well as leading the operations and management thereof.

• Supporting the corporate risk function where appropriate and ensure that it is aligned with the ISMS.

• A bachelor or master’s degree, and/or certifications such as ISO27001 LA/LI, CISSP, CPP, CISA, CISM, CRISC

• Relevant background, from risk, security and law enforcement, legal or similar education and experience advantageous. Competencies within security protective security, physical security, personnel security and information security advantageous.

• Fluency in Swedish beneficial.

COVID-19 Considerations

We value the safety of each member of our community because we know we’re all in this together. In many locations, which may change over time, we’ve implemented a virtual hiring process and continue to interview candidates by video or phone. In addition, in some locations, only individuals who have been fully vaccinated will be permitted inside Mastercard offices until further notice.

In the US, Mastercard is a government contractor, which may legally require most Mastercard employees to be vaccinated unless a verified approved medical or religious exemption is granted. Further, we are currently making every effort towards having employees return to work in the office 2 days per week, if that makes sense for their team. Everyone must be vaccinated to enter Mastercard offices at this time. Therefore, we expect all candidates to be vaccinated or to be approved for a medical or religious accommodation prior to commencing work at Mastercard.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

  • Abide by Mastercard’s security policies and practices;

  • Ensure the confidentiality and integrity of the information being accessed;

  • Report any suspected information security violation or breach, and

  • Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

Requisition ID: R-169200

DirectEmployers