MasterCard Lead Information Security Engineer in New York
We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion (https://www.mastercard.us/en-us/vision/who-we-are/diversity-inclusion.html) for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.
Lead Information Security Engineer
• MasterCard is seeking a demonstrated security engineer to join our Business Security Enablement Guild within the Corporate Security team. The Business Security Enablement Guild is a powerful team of information security and DevSecOps experts focused on helping Mastercard achieve its goals by ensuring security is at the heart of everything we do. Mastercard is researching and developing the next generation of products, services, and solutions at scale to enable consumers to securely, efficiently, and intelligently conduct transactions regardless of channel.
• Whether through traditional retail, mobile, or e-commerce, MasterCard innovation is leading the digital convergence of traditional and emerging payments technologies across a wide variety of new devices and services for billions of users world-wide.
• Are you passionate about security? Do you like to tinker with things in order to figure out how to build them better, stronger, and more resilient? Are you a people person who values partnership, teamwork, and building solutions with cross-functional disciplines and teams? Are you curious? Do you follow trends, research, and best practices as part of your insatiable desire to learn and teach others? Do you want to have a true impact on the security of how the world transacts? This may be the role for you.
The Role – Lead Security Engineer for Loyalty
• As the Lead Security Engineer for Loyalty group reporting to the Business Security Officer, you will be relied upon to serve as technical security expert supporting the development and sustainability of secure products and practices. You will be the subject matter expert in application security, secure development best-practices and application security awareness as well as contextualizing the threat landscape and associated risks for Loyalty.
• You will be an active and critical participant in the design and implementation of internal and external loyalty efforts (including architecture & design reviews, secure code reviews, providing up-front and ongoing security consultation, reviewing, and enabling testing efforts, etc.)
• You will proactively work to find solutions that align with business needs while operating within Mastercard’s risk tolerance that are scalable and can be applied across multiple programs and platforms. This requires the ability to collaborate with cross-functional teams and regularly articulate and communicate to diverse audiences and properly translates security and risk management terminology into business terms, and recommends alternative solutions to these stakeholders.
All About You
• Great understanding of Software Development especially related to secure coding best practices. Prior experience programming in Java is a plus.
• Knowledge of threat landscape for fraud attacks as well as good understanding for security controls that help reduce the risk of fraud
• Adaptive communication skills to influence cross functionally without direct authority, comfort speaking with customers and business partners at all levels
• Motivated self-starter with an agility and ability to manage ambiguity, deal with and anticipate change while still meeting business objectives
• Passion for great product design, security and usability
• Current knowledge of security best practices, common exploits, and threat landscape
• Knowledge of Application Security Arcitecture for N tier, broker-based models.
• Knowledge of the security architecture of web-based network environments and secure communication between environments
• Ability to build secure DevOps architecture patterns and provide guidance on how to develop secure applications and infrastructures
• Knowledge and technical security experience in Cryptography, including several of the following: PKI, Digital Certificates, SSL, Hashing, Encryption techniques, etc
We value the safety of each member of our community because we know we’re all in this together. In many locations, which may change over time, we’ve implemented a virtual hiring process and continue to interview candidates by video or phone. In addition, in some locations, only individuals who have been fully vaccinated will be permitted inside Mastercard offices until further notice.
In the US, Mastercard is a government contractor, which may legally require most Mastercard employees to be vaccinated unless a verified approved medical or religious exemption is granted. Further, we are currently making every effort towards having employees return to work in the office 2 days per week, if that makes sense for their team. Everyone must be vaccinated to enter Mastercard offices at this time. Therefore, we expect all candidates to be vaccinated or to be approved for a medical or religious accommodation prior to commencing work at Mastercard.
In the US, Mastercard is an inclusive Equal Employment Opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. If you require accommodations or assistance to complete the online application process, please contact firstname.lastname@example.org and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
Abide by Mastercard’s security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.
Requisition ID: R-143512