Description
Our Purpose
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Title and Summary
Senior Analyst, Technology Risk Overview:The mission of the Payment Card Industry (PCI) program at Mastercard is to protect our security posture. The PCI team ensures that all of our applications and platforms that handle payment data or support payment data products are PCI compliant and certified to PCI- DSS (Data Security Standards) as well as other PCI standards where applicable.
We are looking for someone to join our team to help us meet these compliance goals. This person will be a technically savvy person who likes to solve issues and drive outcomes.
Role:
Provide support to assessment teams during PCI certifications; act as the liaison between the assessment team and the QSA (Qualified Security Assessor); manage multiple certifications simultaneously
Work with assessment teams to develop remediation strategies and compensating controls
Partner with manager and the QSA (Qualified Security Assessors) to scope application for PCI relevance
Research and learn and apply knowledge about new technologies and environments that impact PCI
Participate in building the PCI program to meet new requirements and address rapid growth
Represent PCI in long term technical projects that were identified through the PCI process to ensure compliance with standards
Communicate security risks and gaps as related to PCI to stakeholders and executive management
Manage PCI inquiries from both internal and external stakeholders
Develop reports, metrics and presentations for meetings, as needed
About You:
Knowledge of PCI DSS standards and requirements
Familiarity with information security protocols and standards
Understanding of Mastercard environments—physical and cloud
Experience with security controls, especially those that impact PCI (e.g. encryption, user access, logging etc.)
Strong ability to employ research skills and problem-solving skills
Ability to communicate business risk to stakeholders
Understand security findings (e.g. scanning/Pen test) and remediation strategies
Conduct or facilitate meaningful meetings with internal stakeholders and Security Assessors (QSAs)
Embraces challenges in slightly chaotic, rapidly growing environment
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
Abide by Mastercard's security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.
Apply on company website
Find Connections via Linkedin
