Cloud Information Security Engineer

Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Cloud Information Security Engineer

Mission First, People Always
As Corporate Security, we are responsible for keeping Mastercard safe and secure from cyber and physical threats, and it is our people on the frontlines who make this happen every day.
By taking care of our people, their wellbeing, and career development, we provide them the necessary tools and environment to ensure the success of our mission.

Overview
The Cloud Security team is looking for a Cloud Information Security Engineer II to join our team to support the design and implementation of cloud native and cloud agnostic security solutions in support of Mastercard’s cloud security strategy. This position will focus on enabling business opportunities by ensuring the secure deployment of Mastercard applications and services. The ideal candidate is passionate about cybersecurity policies and governance, highly motivated, intellectually curious, and analytical.

Key Responsibilities
In this role, you will:
· Perform technology evaluations, supporting business case development, test case definition, and vendor selection based on industry standard criteria.
· Support the design, test, and implementation of security solutions to meet security and regulatory requirements for cloud environments.
· Support senior cloud security engineers and development and operational teams to securely design applications and services following industry best practices.
· Cultivate and maintain working relationships with variety of internal stakeholders, including business owners, end-users, customers, project managers, engineers, and leaders.
· Demonstrate a working knowledge of information security principles, theories, and concepts.
· Support security analysis of application architectures and cloud services.

All about you:
·Experience, preferably with exposure to AWS or Azure environments.
· Solid understanding of information security, risk management, and data privacy, particularly in the context of digital commerce.
· Familiarity with the capabilities and limitations of security related to the implementation of cloud-native and multi-cloud applications and infrastructure.
· Strong knowledge of firewalls, threat prevention and detection, and application security principles.
· Applied knowledge of cryptography and Public Key Infrastructures (PKI).
· Good understanding of identity management, user authentication, and authorization.
· Ability to work independently and self-directed, demonstrating initiative and autonomy in managing projects and tasks.

NICE Framework References
Mastercard Corporate Security Roles have been aligned with the NICE framework (National Initiative for Cybersecurity Education). For this role the NICE Work Roles most closely aligned are:
· Cybersecurity Architecture
· Secure Systems Development
· Security Control Assessment
· Systems Authorization
· Systems Security Management

Corporate Security Responsibility
Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must:

· Abide by Mastercard’s security policies and practices.
· Ensure the confidentiality and integrity of the information being accessed.
· Report any suspected information security violation or breach, and
· Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard’s security policies and practices;

• Ensure the confidentiality and integrity of the information being accessed;

• Report any suspected information security violation or breach, and

• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.