Company

MasterCard

Description

Our Purpose

We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.

Title And Summary

Lead Technology Risk Analyst

The Technology Risk Management (TRM) organization is a business enabler and industry leader of technology and security risk management practices, supported by a multi-disciplinary team of top security, technology, and risk professionals. Our mission is to exceed stakeholder expectations by providing enhanced visibility and proactive management of technology risks and ensuring strong security and sound operational environment.

The mission of the PCI program at Mastercard is to protect our security posture. The PCI team ensures that all our applications and platforms that involve payments and payment data are PCI compliant and certified to PCI- DSS (Data Security Standards) as well as other PCI standards where applicable.

The ideal candidate will have the ability to think and act both strategically and tactically while ensuring that the corporation remains compliant with required security and technology standards, as well as industry best practices.

Responsibilities Include

Lead PCI DSS certification efforts
Communicate security risks and gaps as related to or identified by PCI assessments to appropriate stakeholders
Work closely with teams to assist in development of remediation plans to address vulnerabilities or non-compliance
Stay updated with the latest security threats and trends and continuously improve assessment methodology to ensure protection against the latest threats
Collaborate with assessment teams and other compliance teams to ensure the assessments are completed in a timely manner

Knowledge Of

PCI standards and requirements
Latest information security protocols and standards
Vulnerability scanning tools
Security controls, especially those that impact PCI (encryption, access, vulnerability testing etc.)
Security prevention and detection systems and other security event management systems
Control frameworks (i.e. ISO 27001, NIST, Privacy, SOX, SOC1, SOC 2)

Ability To

Review security architecture of applications and determine PCI relevance
Employ strong research skills and problem-solving skills
Apply PCI standards to new and existing technologies
Identify and evaluate security gaps
Communicate business risk to stakeholders
Understand security findings (scanning/Pen test) and assess remediation strategies
Evaluate compensating controls
Conduct or facilitate meaningful meetings
Work in rapidly growing environment
Must have the ability to perform confidently and quickly make a decision
Work both independently and as part of a very cohesive team

In the US, Mastercard is an inclusive Equal Employment Opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. If you require accommodations or assistance to complete the online application process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.

Corporate Security Responsibility

Responsibilities

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must

Abide by Mastercard’s security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

Pay Ranges

O'Fallon, Missouri: $100,000 - $155,000 USD

Purchase, New York: $115,000 - $178,000 USD

Identifier

b9c5c19fe9088d5f19671503bcc12d76