Principal Information Security Engineer
Who is Mastercard?
We are the global technology company behind the world's fastest payments processing network. We are a vehicle for commerce, a connection to financial systems for the previously excluded, a technology innovation lab, and the home of Priceless ®. We ensure every employee has the opportunity to be a part of something bigger and to change lives. We believe as our company grows, so should you. We believe in connecting everyone to endless, priceless possibilities. Job Title
Principal Information Security Engineer
•MasterCard is seeking a demonstrated security engineering expert to join our Business Security Enablement Guild within the Corporate Security team. The Business Security Enablement Guild is a powerful team of information security and DevSecOps experts focused on helping Mastercard achieve its goals by ensuring security is at the heart of everything we do. Mastercard is researching and developing the next generation of products, services, and solutions at scale to enable consumers to securely, efficiently, and intelligently conduct transactions regardless of channel.
•Whether through traditional retail, mobile, or e-commerce, MasterCard innovation is leading the digital convergence of traditional and emerging payments technologies across a wide variety of new devices and services for billions of users world-wide.
•Are you passionate about security? Do you like to tinker with things in order to figure out how to build them better, stronger, and more resilient? Are you a people person who values partnership, teamwork, and building solutions with cross-functional disciplines and teams? Are you curious? Do you follow trends, research, and best practices as part of your insatiable desire to learn and teach others? Do you want to have a true impact on the security of how the world transacts? This may be the role for you.
The Role - Lead Security Engineer for Digital, Marketing, and Loyalty Programs
•As the Lead Security Engineer for Mastercard's Digital, Marketing, and Loyalty business (DML) reporting to the Business Security Officer, you will be relied upon to serve as technical security expert supporting the development and sustainability of secure products and practices. You will be the subject matter expert in application security delivering tactical mentorship and strategic consulting in terms of building a security-focused culture, secure development best-practices and application security awareness as well as contextualizing the threat landscape and associated risks for DML and its programs.
•You will be an active and critical participant in the design and implementation of internal and external payment services and mentor others in these efforts (including creating user stories, secure code review, providing up-front and ongoing security consultation, reviewing and enabling testing efforts, etc.)
•You will proactively work to find solutions that align with business needs while operating within Mastercard's risk tolerance that are scalable and can be applied across multiple programs and platforms. This requires the ability to collaborate with cross-functional teams and regularly articulate and communicate to diverse audiences and properly translates security and risk management terminology into business terms, and recommends alternative solutions to these stakeholders.
•As the Lead Security Engineer, you will also assist the Business Security Office in assessing the current threat landscape and business needs of DML to identity and prioritize and solution risks. This includes examining systems and applications to understand the current security posture and advocating for security best-practices to engineering teams.
All About You
•Adaptive communication skills to influence cross functionally without direct authority, comfort speaking with customers and business partners at all levels
•Motivated self-starter with an agility and ability to manage ambiguity, deal with and anticipate change while still meeting business objectives
•Passion for great product design, security and usability
•Experience with application threat modeling or other risk identification techniques
•Current knowledge of security best practices, common exploits, and threat landscape
•Understanding of Agile methodologies
•Ability to build secure DevOps architecture patterns and provide guidance on how to develop secure applications and infrastructures
•Strong understanding of Information Security, Authentication and Data Privacy within the domain of Digital Commerce including relevant practical experience
•Demonstrated experience designing Secure multi-domain Internet facing applications
•Knowledge of the security architecture of web based network environments and secure communication between environments
•Knowledge and technical security experience in Cryptography, including several of the following: PKI, Digital Certificates, SSL, Hashing, Encryption techniques, etc
•Good understanding of Software Development especially related to secure coding best practices. Prior experience programming in Java is a plus.
•Experienced in mobile security architecture concepts, design, implementation along with Android and IOS is a plus
Mastercard is an inclusive Equal Employment Opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law.
If you require accommodations or assistance to complete the online application process, please contact firstname.lastname@example.org and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.