MasterCard Security Engineer in Salt Lake City, Utah
We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion (https://www.mastercard.us/en-us/vision/who-we-are/diversity-inclusion.html) for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.
The Global Open Banking Security Operations team works with the business to drive a strong control environment by providing a framework for business and process owners to identify, capture, measure, monitor, report and manage operational risks as identified by financial partners and customers. We partner with business and process owners to increase their awareness and understanding of business risks, driving process improvement rather than mere risk avoidance. We do this by effecting 3rd party validated SOC2, type 2, PCI DSS and 3rd party risk assessments fielded by Financial partners.
Mastercard is seeking a Security Operations in the Utah office (hybrid remote); reporting to the SVP of Security/Open Banking. This role will operationalize and enable the mitigation of risks well in advance of any 3rd party audit, field incoming requests for SOC2, PCI and FI audits as well as manage a small team of Security Operations Analysts in effecting day-to-day operations.
This role will require leadership to operate at a strategic and tactical level. Ideal candidate will have strong operational risk management experience and proven success in building, implementing, and monitoring operational security issues management frameworks across a global and evolving environment.
Operationalize enterprise issue management framework across the organization to enable continuous improvement
Develop and execute communication, training and workshop strategies to operationalize the issue management framework
Facilitate triage workshops or working session to address critical – high rated issues, at the enterprise level with an emphasis on Vulnerability Management.
Implement and execute ongoing operational issue identification, root cause analysis and assessment procedures, as assigned
Partner with key 2nd line Corporate Functions (i.e. ERM, Risk Liaisons, Internal Audit, , Compliance, SOX, etc.) to ensure appropriate issues are identified, mitigated, communicated, and reported
Advise stakeholders (across three lines of defense) on best approach(s) to remediate issues
Support customer audits and regulatory examinations, where needed
Monitor the implementation of action plans designed to reduce operational risks
Develop, implement, maintain, and prepare accurate issue reporting for management awareness and escalation
Aggregate issues and assess themes to identify company-wide operational trends and facilitate appropriate escalation
All About You:
Strong leader and strategic thinker
Experience in Security/Risk management frameworks gained through operations, business advisory and or audit roles preferred
Ability to develop and implement strategy to meet corporate objectives and provide insights to executive management
Experience risk manager with extensive program management experience
Broad exposure to business risks across Security, IT, finance and other business environments is essential
Consultive mindset and reputation for being a strong business partner
Ability to effectively interact and influence people at all levels
Global work experience and capacity to manage tasks across multiple regions, cultures, and time zones
Excellent oral, written and presentation skills
Change management practitioner
In the US, Mastercard is an inclusive Equal Employment Opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. If you require accommodations or assistance to complete the online application process, please contact email@example.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
Abide by Mastercard’s security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.
Everyone wants easier ways to pay;
we invent them.
Checkout lines are slow;
we speed them along.
Merchants want more sales;
we give them data and insights.
People need financial access;
we connect them.
Corporate purchasing is complicated;
we make it simple.
Commuters are busy;
we speed them on their way.
Governments need greater efficiencies;
we help create them.
Small businesses are virtual;
we give them access to a world of buyers.
Retailers want to fight fraud;
we provide the tools.
Requisition ID: R-184122