Principal Information Security Engineer Job Listing at Mastercard in O'Fallon, MO (Job ID R-249550)

Description

Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Principal Information Security Engineer The Cloud Security team is looking for a Cloud Security Engineer, who will be part of a team to support primarily container orchestrator and serverless assessments heavily Microsoft Azure Cloud platform, and provide Azure-related security enhancements and best practices guidance.

• Can you demonstrate a high level of expertise in information security?
• Can you provide detailed guidance on securely implementing container orchestrator platform in public cloud environments, namely Azure?
• Can you advise development teams on how to securely design infrastructure and utilize services following industry best practices and enhance existing approaches to cloud security engineering?
• Can you analyze cloud platform architecture and recommend how to reduce security risks to an acceptable level, while still providing beneficial functionality for operations and development teams?

Role
• Takes a lead position in complex initiatives of strategic importance (e.g., cross functional/ cross geographies)
• Applies advanced technical capabilities within own discipline to coach and develop technical talent and project teams
• Provides input into performance appraisal process for several junior employees or team members
• Defines and drives security strategy, standards, and architecture for the security aspects of multiple major projects
• Leads security service and capability definition
• Influences and implements security requirements, standards, and architecture for the security aspects of projects per their domain area (i.e. AWS, Azure, Internal Cloud), implements governance security controls, and creates documentation such as user guides for stakeholders.
• Acts as a mentor to employees, and oversees employee management, growth and development
• Defines process improvements processes for gained efficiencies across security domains
• Responsible to evaluate new cutting edge cloud-native compute technologies and industry trends and practices for Mastercard adoption.
• Strong communication skills and technical skills with the ability to communicate between business and technical teams.
• Responsible for defining and providing feedback for improvements to front line metrics to ensure controls are being met as defined
• Responsible for reviewing all project documentation, including maintaining technical documents and business requirements
• Responsible for understanding of security policies and regulatory compliance (i.e. PCI, GDPR).
• Responsible for understanding of and referencing to industry security standards and practices (i.e. CIS Benchmarks, NIST publications).

All about You/Experience
• Possess extensive understanding of Azure and experience with Azure-based environments, along with data flow and data definitions of project requirements utilizing Azure.
• Strong communication skills and technical skills with the ability to communicate between business and technical teams.
• Ability to coordinate and/or support large complex projects including upgrades and deployment of new capabilities and enhancements.
• Extensive experience with security, including network and internet systems security
• Extensive experience with public cloud platforms and technologies
• Extensive experience with cloud-native compute technologies and platforms (i.e. Docker, Kubernetes, Azure Functions)
• Extensive experience in technical skills (i.e code development, platform management, sys admin, etc..), understanding of security services (authentication, vulnerability management, security log monitoring), and softer communication skills
• Extensive experience participating on cross-functional initiatives across and organization, with internal and external stakeholders
• IT experience with demonstrated thought-leadership and cross-functional influence and partnership demonstrated by a successful track record of enabling business through these technical decisions
• Able to lead project teams, collaborate with business partners, vendor/ consulting organizations and peer level professionals from other IT disciplines
• Detailed cloud-native compute technology security experience including risk identification with options and compensating controls to remediate.
• Successful track record in implementing ways to modify a security program to keep up with the ever changing technology & security landscape
• Experience initiating and managing improvement in security domain areas by leveraging process metrics and customer feedback
• Experience in auditing security controls, governance, and softer communication skills
• Provides input into performance appraisal process for department employees and helps identify top technical talent
• Proven ability to build collaborative working relationships with internal stakeholders at the global/regional or local level
• Able to be called upon to represent MasterCard at external industry events, contributing to expert panels and sharing white papers and best practices, etc., to enhance the organization's brand Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard's security policies and practices;

• Ensure the confidentiality and integrity of the information being accessed;

• Report any suspected information security violation or breach, and

• Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.

In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary based on location, experience and other qualifications for the role and may be eligible for an annual bonus or commissions depending on the role. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance), flexible spending account and health savings account, paid leaves (including 16 weeks new parent leave, up to 20 paid days bereavement leave), 10 annual paid sick days, 10 or more annual paid vacation days based on level, 5 personal days, 10 annual paid U.S. observed holidays, 401k with a best-in-class company match, deferred compensation for eligible roles, fitness reimbursement or on-site fitness facilities, eligibility for tuition reimbursement, gender-inclusive benefits and many more.

 Apply on company website