Mastercard Job - 40232289 | CareerArc
  Search for More Jobs
Get alerts for jobs like this Get jobs like this tweeted to you
Company: Mastercard
Location: Toronto, Canada
Career Level: Mid-Senior Level
Industries: Banking, Insurance, Financial Services


Our Purpose

We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results. 

Job Title

Senior Information Security EngineerOverview

Ethoca a Mastercard company is seeking a Senior Information Security Engineer to join our team.

Do you want to be part of an innovator that is changing the e-commerce landscape and reinventing the way global merchants and issuers combat fraud through collaboration? If you're excited by shattering expectations and making a contribution that will turn stale thinking into breakthrough ideas, Ethoca is the place for you. We welcome the challengers and thought leaders. We want the agile, creative risk-takers who can address challenges with an open mind, the freedom to innovate and the strength to dominate. Ethoca's growth is explosive, and only great problem-solvers, collaborators and thinkers can help us take it to the next level. If that sounds like you, keep reading.

To support our continued growth and success, we are seeking a Senior Information Security Engineer to assist in all operational aspects of our security program, primarily focused within Azure. The ideal candidate will have excellent communication, experience in information security technologies both on-prem and cloud, Azure security, vulnerability Management, application security, penetration testing and a refined technical skillset.
If you are looking for a challenge that will allow you to work with industry leading technologies, in a fast-paced environment and collaborate within dynamic teams, this position is for you.

• Liaison with both technical and business stakeholders advising on our security standards and policies.
• Improve and maintain security services, focused on review efficiency, standards definition, and change management correctness.
• Maintain security posture through Azure security, application security, vulnerability management, penetration testing etc.
• Respond to security vulnerabilities and threat, manage the end-to-end detection and remediation processes, and escalate as required.
• Perform various security service functions including internal vulnerability scans, Azure security review, application security review, secure SDLC, application hardening validation and penetration testing activities.
• Document risk and mitigation controls, including policy/procedure updates.
• Participate in audits and assessments and provide support, as appropriate.
• Analyze established application security controls, secure SDLC initiatives and procedures and recommend improvements.
• Evaluate appropriate tools for supporting the application security and vulnerability management function.
• Participate in security on-call rotation.

What you bring:
• Expertise focused security administration
• Bachelor's Degree or equivalent experience/certification.
• Excellent verbal and written communication ability.
• Solid understanding of OWASP, S-SDLC, SAST, DAST, SCA processes.
• Working understanding of application security and vulnerability management.
• Experience working in a PCI DSS, SOC or HIPPA environment.
• Knowledge of all security domains is ideal.
• Java and JavaScript programming language experience is a plus

Due to COVID-19, most of our employees are working from home. We've implemented a virtual hiring process and continue to interview candidates by phone or video and are onboarding new hires remotely. We value the safety of each member of our community because we know we're all in this together.

Mastercard is an inclusive Equal Employment Opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law.​

If you require accommodations or assistance to complete the online application process, please contact and identify the type of accommodation or assistance you are requesting.  Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.


Corporate Security Responsibility

Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must:

• Abide by Mastercard's security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.

 Apply on company website