Security Risk Analyst II Job Listing at Mastercard in Purchase, NY (Job ID R-235748)

Description

Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Security Risk Analyst II Overview
The Mastercard Technology Risk Team is looking for a security analyst to support the implementation of international standards, processes, best practices and IT frameworks thereby helping the organization to enhance its current security posture.
Responsibilities:
• Oversee compliance and the implementation of design (up-to-date standard operating procedures) and operational effectiveness (testing the validity of procedures periodically).
• Participate in the gathering, documenting, monitoring and preliminary analysis of the information security and technology metrics.
• Identify, test, and report security weaknesses in systems and applications. Participate in the risk management process, including documenting, reviewing and updating systems on a regular basis; contribute in the preparations of internal risk reports.
• Maintaining an understanding of security policies and regulatory compliance (i.e. ISO 27001, PCI, GDPR)
• Monitor technology risk and compliance, and develop, deliver, maintain and monitor IT policies, standards, and best practices.
• Oversee governance and compliance of vulnerability remediation enterprise wide.
• Support special projects as requested; provides ad-hoc support to management.
• Develop effective working relationships with internal and external stakeholders, auditors, process and control owners and functional staff
• Understand and interact with related disciplines through different committees to ensure the consistent application of policies and standards across all technology functions.

Experience Required
• Experience supporting information security, IT audit and/or IT risk management principles.
• Familiarity with risk management processes (e.g., methods for assessing and mitigating risk)
• Conceptual understanding of IT and security controls, networking and information security technologies.
• Knowledge of Risk and Control Framework standards such as ISO 27001, NIST CSF, PCI-DSS.
• Background in developing, and maintaining security policies, processes, procedures and standards.
• Strong analytical and problem-solving skills for design, creation and testing of security controls and systems.

Nice to have
• Experience creating ISMS documentation to integrate the ISO 27001 requirements within the overall organization.
• Successfully completed ISO 27001:2022 Lead Auditor/Lead Implementer certification.
• Successfully completed CISA/CISM Certification.
• Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and IT management (e.g., GDPR, NY DFS Part 500 , MAS TRM etc.)
• Knowledge of Mastercard products and technology, security and other risk management programs and practices. (desired, not required)
• Experience using RSA Archer or equivalent risk tool sets.

Qualifications and Skills
• Bachelor's degree or equivalent combination of education and experience/bachelor's degree in information systems management, computer science, information technology or related field preferred
• Experience in handling certifications, compliance and internal/external information security/cyber security audits.
• Excellent written as well as verbal communication skills. Strong interpersonal skills, including good communication with the ability to articulate ideas in a 2 of 2 precise and concise manner.
• Contribute to work environment that encourages knowledge of, respect for and development of skills to engage with those of other cultures and backgrounds.
• Ability to handle multiple tasks simultaneously and switch between tasks quickly Mastercard is an inclusive equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard's security policies and practices;

• Ensure the confidentiality and integrity of the information being accessed;

• Report any suspected information security violation or breach, and

• Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.

In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary based on location, experience and other qualifications for the role and may be eligible for an annual bonus or commissions depending on the role. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance), flexible spending account and health savings account, paid leaves (including 16 weeks new parent leave, up to 20 paid days bereavement leave), 10 annual paid sick days, 10 or more annual paid vacation days based on level, 5 personal days, 10 annual paid U.S. observed holidays, 401k with a best-in-class company match, deferred compensation for eligible roles, fitness reimbursement or on-site fitness facilities, eligibility for tuition reimbursement, gender-inclusive benefits and many more.

 Apply on company website