We are looking for an Information Security Lead to steer the organizations information security, data security and risk management. The Information Security Lead will work with various departments in Mastercard and implement the organizations best practices. This role will report to the VP technologies operations organization.
Role-
Developing, implementing, and monitoring a strategic, comprehensive enterprise information security and IT risk management program that aligns with the organizations business objectives and regulatory requirements. The program is required to align with Mastercard's corporate strategy and directives.
Providing and approving security related items in RFP responses and contract negotiations. Joining customer calls to explain our security position and understand the customer needs.
Partnering with business units and stakeholders across the organization to facilitate risk assessment and risk management processes, and to raise awareness of security issues and best practices.
Establishing and maintaining an information security management framework that incorporates industry standards and best practices and lead compliance audits for ISO/IEC 27xxx, SOC II and other security certifications.
Assisting in the selection, implementation, and maintenance of security technologies, tools, and processes that support the organizations security goals and policies.
Responding to security incidents and breaches, and coordinating with internal and external parties to investigate, contain, remediate, and report on them.
Evaluating and reporting the organizations security posture and performance, and provide regular feedback and recommendations to senior management.
Staying abreast of current and emerging security threats, trends, technologies, and best practices, and ensuring that the organization adapts accordingly.
Sourcing and selecting vendors and service providers that offer security solutions or support.
Role-
Developing, implementing, and monitoring a strategic, comprehensive enterprise information security and IT risk management program that aligns with the organizations business objectives and regulatory requirements. The program is required to align with Mastercard's corporate strategy and directives.
Providing and approving security related items in RFP responses and contract negotiations. Joining customer calls to explain our security position and understand the customer needs.
Partnering with business units and stakeholders across the organization to facilitate risk assessment and risk management processes, and to raise awareness of security issues and best practices.
Establishing and maintaining an information security management framework that incorporates industry standards and best practices and lead compliance audits for ISO/IEC 27xxx, SOC II and other security certifications.
Assisting in the selection, implementation, and maintenance of security technologies, tools, and processes that support the organizations security goals and policies.
Responding to security incidents and breaches, and coordinating with internal and external parties to investigate, contain, remediate, and report on them.
Evaluating and reporting the organizations security posture and performance, and provide regular feedback and recommendations to senior management.
Staying abreast of current and emerging security threats, trends, technologies, and best practices, and ensuring that the organization adapts accordingly.
Sourcing and selecting vendors and service providers that offer security solutions or support.
Requirements:
A bachelors degree in computer science, information technology, or a related field. Professional security certification, such as CISSP, CISM, CISA, or CRISC is a plus, or relevant security military service background. AWS Security Certification and/or AWS Architecture Certification is another plus
Ability to work with various departments and supply authoritative answers. Great people skills and a customer oriented approach.
A minimum 4 years of experience in information security, IT risk management, or a related field.
A comprehensive knowledge of information security principles, practices, frameworks, standards, laws, regulations, and ethics.
A strong understanding of various security domains, such as application security, cloud security, cryptography, identity and access management, network security, incident response, disaster recovery, endpoint security, etc.
A proven track record of developing and implementing effective security strategies and programs that support business goals and mitigate risks.
An excellent ability to communicate complex technical concepts in a clear and concise manner to various audiences, such as senior executives, board members, customers, partners, regulators, etc.
An innovative and analytical mindset that can identify security gaps and opportunities for improvement.
Excellent communication skills, proficient English.
A bachelors degree in computer science, information technology, or a related field. Professional security certification, such as CISSP, CISM, CISA, or CRISC is a plus, or relevant security military service background. AWS Security Certification and/or AWS Architecture Certification is another plus
Ability to work with various departments and supply authoritative answers. Great people skills and a customer oriented approach.
A minimum 4 years of experience in information security, IT risk management, or a related field.
A comprehensive knowledge of information security principles, practices, frameworks, standards, laws, regulations, and ethics.
A strong understanding of various security domains, such as application security, cloud security, cryptography, identity and access management, network security, incident response, disaster recovery, endpoint security, etc.
A proven track record of developing and implementing effective security strategies and programs that support business goals and mitigate risks.
An excellent ability to communicate complex technical concepts in a clear and concise manner to various audiences, such as senior executives, board members, customers, partners, regulators, etc.
An innovative and analytical mindset that can identify security gaps and opportunities for improvement.
Excellent communication skills, proficient English.
This position is open to all candidates.
