MasterCard Senior Information Security Engineer in New York City, New York
We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion (https://www.mastercard.us/en-us/vision/who-we-are/diversity-inclusion.html) for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.
Senior Information Security Engineer
Mastercard is seeking a demonstrated security engineer to join us. Corporate Security is a worldwide organization of cybersecurity experts focused on helping Mastercard achieve its goals by ensuring security is at the heart of everything we do. Mastercard is researching and developing the next generation of products, services, and solutions at scale to enable consumers to conduct transactions securely, efficiently, and intelligently far beyond traditional payment cards that you may know us for.
• Are you passionate about security?
• Are you a people-person who values partnership, teamwork, and building solutions with cross-functional disciplines and teams?
• Can you advise product and operational teams on how to securely design applications and services following industry best practices and enhance existing security?
• Do you follow trends, research, and best practices as part of your insatiable desire to learn and teach others?
• Can you demonstrate a high level of expertise in information security and secure engineering disciplines?
• Do you want to have a true impact on the security of how the world transacts?
• Apply knowledge of security principles, theories and concepts to business and development life cycle.
• Take a lead security position in large, more complex initiatives for DevOps, IaaS/PaaS, Cloud and CI/CD strategic importance (e.g., global initiatives, cross functional/cross geographies).
• Provide strategic leadership regarding organization-wide risks, standards, technologies, and methodologies.
• Recognize security, fraud, regulatory, or legal risks to Mastercard and proactively drive conversations with business owners.
• Provide and recommend optimal solutions to meet security and regulatory requirements in the design of new/enhanced systems. Ensure established security policies and standards are observed on projects.
• Work closely with developers and business owners to evaluate business requests and determine feasibility.
• Document enhancements to security standards and procedures.
• Define security requirements and guidelines to ensure repeatable processes are followed by worldwide teams.
• Investigate/Research Mastercard or industry business/technical security processes.
• It would be a bonus if you have experience in cloud environments.
All About You
• Experienced security engineering professional.
• CISSP or industry recognized security certification is desired.
• Motivated self-starter with an agility and ability to manage ambiguity, deal with and anticipate change while still meeting business objectives.
• Ability to articulate and communicate effectively to diverse audiences and properly translates security and risk management terminology into business terms and recommend alternative solutions to these stakeholders.
• Passion for great product design, security, and usability.
• High desire to develop technical and security expertise and have a passion to learn about new technologies, and progressively takes initiative to develop that expertise
• Demonstrate technical competency in security engineering based on hands-on experience or relevant qualifications.
• Working knowledge and application of NIST Security Publications, PCI-DSS, and industry standards for hardening systems and software.
• Working knowledge and technical security experience with UNIX, Linux, Solaris, or AIX.
• Advanced knowledge of software development, especially related to secure coding best practices.
• Solution design and engineering experience in one or more security domains including Identity & Access Management, Network Security, Application Security, Cryptography, Security Assessment and Testing, Security Operations, and Secure Software Development.
We value the safety of each member of our community because we know we’re all in this together. In many locations, which may change over time, we’ve implemented a virtual hiring process and continue to interview candidates by video or phone. In addition, in some locations, only individuals who have been fully vaccinated will be permitted inside Mastercard offices until further notice.
In the US, Mastercard is a government contractor, which may legally require most Mastercard employees to be vaccinated unless a verified approved medical or religious exemption is granted. Further, we are currently making every effort towards having employees return to work in the office 2 days per week, if that makes sense for their team. Everyone must be vaccinated to enter Mastercard offices at this time. Therefore, we expect all candidates to be vaccinated or to be approved for a medical or religious accommodation prior to commencing work at Mastercard.
In the US, Mastercard is an inclusive Equal Employment Opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. If you require accommodations or assistance to complete the online application process, please contact firstname.lastname@example.org and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
Abide by Mastercard’s security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.
Requisition ID: R-159301