Senior Information Security Engineer

Senior Information Security EngineerOur Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networksbine to deliver a unique set of products and services that help people, businesses andernments realize their greatest potential.

Title and Summary

Senior Information Security Engineer

Who is Mastercard?
Mastercard is a global technologypany in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions,ernments, and businesses realize their greatest potential.
Our decency quotient, or DQ, drives our culture and everything we do inside and outside of ourpany. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all.
Overview
The Data Security Team team is looking for a Senior Information Security Engineer to drive several key initiatives associated with data protection and related cutting edge technology. The ideal candidate will join Emerging Corporate Security Solutions, an engineering-focused group with the critical mission of protecting Mastercard data, with a focus on classification, labeling, encryption, and data loss prevention (DLP). In addition, testing and creating best practices for monitoring and use of appropriate, safe and secure AI will be a key initiative.

Role
The core mission for this role is providing security requirements, standards, and related engineering of solutions associated with:

• Bringing clarity, consistency, and standards to Mastercard data
• Ensuring alignment with the Zero Trust Maturity Model (and related workflows)
• Executing various projects and initiatives to solve for and lower risks associated withplex data types (PCI, PII, Source Code, various types of customer and user data) and their storage & transfer
• Ensuring alignment with related standards and associated business units such as Access, Privacy, Insider Threat, Security Operations Center, Desktop Support
• Contributing to solutioning from an architecture and engineering perspective for necessary exceptions to security standards
• Helping develop security awarenessmunications and training to educate employees about data security and protection efforts and standards
• Helping establish and run continuous monitoring processes and alerting pursuant to data security policies to identify and respond to threats
• Staying current with Industry Trends (ISO, NIST, Regulations, Best Practices as they potentially or actually impact Data Security standards and execution of the same)

The Ideal candidate for this position should have:
• Working knowledge of basic security controls validation on applications, systems, networks, platforms, environments including on-prem and cloud
• Exposure to Data Security Standards efforts (labeling, classification, data protection)
• Working knowledge of the Zero Trust framework, with a focus on the Data Pillar
• Working knowledge of data protection technologies such as:
oMicrosoft Purview Information Protection / Azure Information Protection
oDLP technologies like, Symantec DLP
oData Security Posture Management (DSPM) tools and usage
oEDR tools (like Microsoft Defender)
oCloud security tools (like Microsoft Defender for Cloud Apps)
oData transfer tools (FTP, Citrix FileShare, others)
• Familiarity with data storage technologies such as, but not limited to:
oRelational Databases such as SQL Server, Oracle DB, IBM DB
oNon-Relational Databases such as MongoDB, Redis
oData Warehouse and Data Lake tools such as Snowflake, Hadoop
oFile servers, NAS, Isilon, Cloud Drives
• Ability to work collaboratively with key stakeholders (Data & Analytics group, Data Strategy & Management team, Access, Network and Security Architects, various Security Engineers) as well as coordinate with vendors to evaluate, test and deploy new technology solutions

Corporate Security Responsibility
Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networkses with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must:

• Abide by Mastercard's security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
•plete all periodic mandatory security trainings in accordance with Mastercard's guidelines.

NOTE: Candidates go through a thorough screening and interview process. There is no need to include all preferred skills in the job description.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networkses with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

Job ID R-252327