- Entry level
- No Education
- Salary to negotiate
Sr. Security AnalystWho is Mastercard?
We are the global technology company behind the world's fastest payments processing network. We are a vehicle for commerce, a connection to financial systems for the previously excluded, a technology innovation lab, and the home of Priceless ®. We ensure every employee has the opportunity to be a part of something bigger and to change lives. We believe as our company grows, so should you. We believe in connecting everyone to endless, priceless possibilities.
Sr. Security Analyst
Purpose of the Team
•The Subsidiary Security team is tasked with the oversight of the subsidiary lifecycle. This includes acting as information security consultants to the Mergers & Acquisition team during their evaluation, conducting a security assessment during due diligence, providing expertise during the integration phase of an acquisition and assisting and monitoring subsidiaries once they have been fully integrated with Mastercard.
•The Subsidiary Security program is intended to ensure the newly acquired entity's information assets and systems are managed in accordance with corporate security policies and standards, providing adequate protection of the environment.
Our mission is to:
•Create and maintain secure environments where the spirit of entrepreneurship and innovation can thrive
•Provide leadership, knowledge, and support to subsidiary Information Security Programs
•Pave the way for the safe and secure growth of new subsidiaries and joint ventures as they become fully mature and monetized assets
Purpose of the Job
•The primary responsibility of this position is to support the Corporate Security Mergers & Acquisitions lifecycle.
•This role will be aiding and supporting the Subsidiary Security team with the Corporate Security internal processes and procedures in support of joint ventures and acquisitions.
•Do you have experience with security frameworks and controls?
•Are you a process oriented individual who enjoys identifying gaps and opportunities for effectiveness and efficiency? a proven thought leader, problem solver and integrator of people and processes, as well as an effective internal consultant?
•Do you possess domain competencies in a number of IT risk-related disciplines, including security, business continuity management, privacy and compliance?
•Provide input into the Acquisition Security processes and procedures, identity gaps/opportunities for efficiencies and improvements; help drive necessary process changes
•Help define appropriate metrics and reporting mechanisms to reflect the security posture of acquisitions
•Assist with developing a risk management methodology to be applied to security maturity assessments
•Provide assistance with corporate security due diligence on targeted companies for minority investment/acquisition, to include high level cost estimations
•Help to define the integration strategy & approach for acquired companies
•Provide assistance with in-depth security maturity assessments of acquired accompanies, helping to identify the security findings/risks and aiding in providing governance/oversight to ensure all security risks are mitigated
•Provide support/assistance to the corporate IT and commercial integrations of acquired companies
•Provide support/assistance to acquired companies to ensure they adhere to Corporate Security standards and transition them to business as usual (BAU) processes
All About You
•Several years of working experience in a security role, with a basic knowledge of a broad range of standards and frameworks - for example, International Standards Organization (ISO) 27001, IT Infrastructure Library and ISO 20000, Capability Maturity Integration and Six Sigma.
•Knowledge of common risk management methodologies - for example, Control Objectives for Information and Related Technology and Committee of Sponsoring Organizations Enterprise Risk Management.
•Demonstrate good communications skills, both written and verbal
•Strong background in process improvement efforts
•Good working knowledge of IT risk management or a related discipline - for example, security, privacy, business continuity management or compliance.
•Education: Bachelor of Science, with a focus on IT or IT risk-related disciplines or equivalent experience.
•Beneficial Professional Certifications:
•Chartered Enterprise Risk Analyst (CERA)
•Certified Risk Manager (CRM)
•Professional Risk Manager (PRM)
•Certified Information Security Manager
•Certified Information Security Professional
Mastercard is an inclusive Equal Employment Opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law.
If you require accommodations or assistance to complete the online application process, please contact email@example.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.