Senior Information Security Engineer
Explicitly mentions 'Vibe coding' as a desired hands-on scripting skill.
About the Role
Senior Information Security Engineer responsible for performing third-party software security evaluations, consulting with development and operations teams, and designing secure systems. The role emphasizes applying security principles across the SDLC, using AI for efficiency, and delivering security architecture guidance for internet-facing and mobile applications.
Job Description
Role
Senior Information Security Engineer within the Business Security Enablement Guild, focused on ensuring security is integral to Mastercard initiatives worldwide. The role involves evaluating third-party software, consulting on secure design, performing technology reviews, and applying security engineering principles across the software development lifecycle.
Key Responsibilities
- Perform Third Party Software Security Evaluations to help customers meet business requirements securely.
- Use Artificial Intelligence to solve business problems and increase efficiency.
- Apply security principles, theories, and concepts during technology and design reviews.
- Identify opportunities to improve business processes and recommend secure solutions.
- Consult with development and operational teams to design applications and services following industry best practices.
- Independently review large, complex, cross-functional or global initiatives.
- Provide recommendations to meet security and regulatory requirements for new or enhanced systems.
- Prepare and deliver business and technical presentations.
Requirements
- Knowledge of information security, risk management, and data privacy in digital commerce contexts.
- Understanding of identity management, user authentication, and authorization principles.
- Broad awareness of security engineering concepts and practices across all phases of the SDLC.
- Experience designing secure multi-domain Internet-facing applications and advising on web-based network environments.
- Ability to communicate security and risk concepts to diverse audiences and translate technical details into business terms.
- Moderate hands-on experience in scripting or Vibe coding.
- Basic knowledge of cryptography (encryption, hashing, key management, digital certificates, TLS).
- Technical experience with Java or a similar enterprise programming language is a plus.
- Experience with mobile security architecture, Android and iOS is a plus.
- Working knowledge and technical security experience with Linux is a plus.
NICE Framework Competencies
Proficient to advanced levels in: Information Assurance; Information Management; Information Technology Assessment; Requirement Analysis; Technology Awareness; Threat Analysis; Data Privacy and Protection; Communication; Critical Thinking; Problem Solving.
Corporate Security Responsibilities
Employees must abide by Mastercard security policies and practices, ensure confidentiality and integrity of accessed information, report suspected security violations or breaches, and complete periodic mandatory security training.