Experience Inc. Jobs

Our Purpose

We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion (https://www.mastercard.us/en-us/vision/who-we-are/diversity-inclusion.html) for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.

Title and Summary

Senior Information Security Engineer

Senior Information Security Engineer

Who is Mastercard?

Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential.

Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all.

Mission First, People Always

As Corporate Security, we are responsible for keeping Mastercard safe and secure from cyber and physical threats, and it is our people on the frontlines who make this happen every day.

By taking care of our people, their wellbeing, and career development, we provide them the necessary tools and environment to ensure the success of our mission.

Overview

Mastercard are looking for a Senior Information Security Engineer based in London. This is an exciting position within Vocalink which is building strategic products that are used across the organization. The successful candidate will strongly influence the security of products within Mastercard and work with many stakeholders to ensure security is built-in to our services.

Responsibilities

• Deliver a quality service within the enterprise.

• Contribute to maturing the Engineering team, building skills, driving development best practice

• improving consistency and scalability with a constant focus on availability and quality.

• Contribute to engineering excellence and automate and streamline to ensure adoption of capabilities and a frictionless service. Operationalise and embed, with a target to shift left and deliver self-serve capabilities where sensible.

• Provide assurance that products are developed and deployed with the right balance of security

• to protect against threats to the business, built upon reliable processes and procedures.

• Develop and improve security standards and frameworks to meet the future needs of

• Mastercard.

All About You

The ideal candidate for this position will:

• Be enthusiastic about running reliable processes to demonstrate and improve security.

• Have knowledge of reporting tools and be confident analysing data.

• Be comfortable presenting technical information to a range of stakeholders including senior

management and external customers.

• Have a solid grasp of security assessment methodologies and tools: penetration tests,

vulnerability scans, breach and attack simulation.

• Be familiar with security assessment techniques: application vs. infrastructure testing, SAST, DAST, on-premise vs external penetration testing, cloud security testing.

• Have good technical understanding of network, system and data security principles.

• Have good technical understanding of web application security principles, database security

principles, system and security configuration hardening techniques.

• Be familiar with information security threat landscape and attack vectors, have ability to create scopes that capture the specific areas of risk exposure.

• Have a good grasp of security frameworks: OWASP Top 10, CIS Benchmarks; and security

standards: ISO 27001, NIST, PCI DSS standard and testing requirements.

• Have experience collaborating cross-functionally to resolve scheduling conflicts, scoping

limitations and issues that might impact on testing.

• Liaise with third-parties all through the process to ensure that penetration test outcomes and subsequent reports reflect actual security status of test targets.

• Be skilled at stakeholder management.

• Security education or certification an advantage.

Corporate Security Responsibility

Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must:

• Abide by Mastercard’s security policies and practices;

• Ensure the confidentiality and integrity of the information being accessed;

• Report any suspected information security violation or breach, and

• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard’s security policies and practices;

• Ensure the confidentiality and integrity of the information being accessed;

• Report any suspected information security violation or breach, and

• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.