Manager, Cyber Security Vulnerability Scanning

Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Manager, Cyber Security Vulnerability Scanning

Overview
The Manager, Vulnerability Scanning is accountable for leading, optimising, and maturing the vulnerability scanning capability within the Vulnerability Management function. This includes operational ownership of scanning platforms, ensuring timely and accurate vulnerability identification, and driving improvements to coverage, automation, reporting and overall scan effectiveness.

You will act as the primary subject-matter expert for vulnerability scanning—ensuring vulnerabilities are accurately detected, communicated to stakeholders, and aligned with Mastercard’s broader security strategy. You will also contribute to strategic planning, resource management, and continuous improvement across the vulnerability management lifecycle.

Key Responsibilities
Leadership & Operations
• Lead, manage, and develop the Vulnerability Scanning team.
• Oversee daily scanning operations, ensuring accuracy, completeness and adherence to SLAs.
• Manage prioritisation, workload distribution, and quality assurance across the team.
• Ensure timely delivery of scan results, reporting, and escalations.
Technology Ownership
• Own and maintain the vulnerability scanning toolsets across infrastructure, applications, cloud and network environments.
• Ensure scanning coverage remains complete and up to date across all assets.
• Monitor scan performance, tune configurations, and optimise scanning processes.
• Champion automation and integration with asset management tools.
Governance, Controls & Standards
• Maintain policies, standards and processes related to vulnerability scanning.
• Ensure alignment with Mastercard security policies, regulatory requirements, and industry best practice.
• Support audits, compliance reviews and evidence requests relating to scanning.
Analysis, Reporting & Continuous Improvement
• Provide expert interpretation of scan results, threat alerts and vulnerability intelligence.
• Deliver high-quality management information, dashboards and reporting to senior leaders.
• Identify and drive continuous improvements in scanning effectiveness, coverage and process efficiency.
• Propose enhancements to technology, workflows or methodologies based on metrics and stakeholder feedback.
Collaboration & Stakeholder Engagement
• Act as the primary point of contact for scanning-related queries.
• Partner closely with remediation teams, threat intelligence, engineering, and application teams.
• Contribute to incident response and investigations where vulnerabilities are involved.
• Represent the scanning function in cross-functional projects and working groups.

About You
Experience & Expertise
• Demonstrable experience leading a vulnerability scanning or vulnerability management team.
• Strong technical expertise with enterprise vulnerability scanning technologies (e.g., Tenable, Qualys, Rapid7, Prisma, or equivalent).
• Strong understanding of network, cloud, application and container security principles.
• Experience implementing vulnerability management strategies, tools and process improvements.
• Proven success managing complex, cross-functional initiatives in a global environment.
• Solid understanding of malware behaviours, attack vectors, and exploit methodologies.
Skills
Technical
• Excellent knowledge of security standards, frameworks and regulatory expectations.
• Strong analytical and problem-solving skills.
• Ability to interpret vulnerability data and communicate in business-friendly language.
• Strong understanding of network design, traffic flows, and firewall architecture.
Professional
• Strong leadership, coaching, and team development skills.
• Excellent communication and presentation abilities.
• Ability to prioritise and manage competing demands in a fast-paced environment.
• Strong business acumen and ability to influence across technical and non-technical teams.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard’s security policies and practices;

• Ensure the confidentiality and integrity of the information being accessed;

• Report any suspected information security violation or breach, and

• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.