Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title and Summary Senior Information Security Engineer Who is Mastercard? Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all Mission First, People Always As Corporate Security, we are responsible for keeping Mastercard safe and secure from cyber and physical threats, and it is our people on the frontlines who make this happen every day. By taking care of our people, their wellbeing, and career development, we provide them the necessary tools and environment to ensure the success of our mission. Overview Mastercard is seeking candidates to join the Data Protection team with a focus on ShadowIT risk management, governance, and enforcement. As Mastercard accelerates innovation through SaaS, cloud services, and automation platforms, unapproved technology usage presents material data security, privacy, and compliance risks. This role is critical to defining and operating a clear, defensible blocking and escalation framework that protects Mastercard data while enabling informed business decisions.• Can you design and operate a structured blocking and escalation strategy for unapproved applications?• Can you balance security risk, business impact, and policy alignment in high visibility decisions?• Can you lead governance processes and metrics that scale across a global enterprise? Role• Contribute to the execution of the Shadow IT and Data Protection roadmap, with primary ownership of enforcement, escalation, and governance processes• Develop and maintain a Shadow IT blocking strategy framework for unapproved applications, including: - Blocking criteria and decision thresholds - Risk scoring aligned to data sensitivity, access, and exposure - Defined escalation paths for exceptions and high impact cases• Document all blocking decisions with clear business justification, technical impact assessment, and alignment to security and data protection policy• Establish and maintain communication protocols to notify stakeholders of application blocks, including timelines, approved alternatives, and available support resources• Manage unblock requests and escalations and exception processing, coordinating with Security Operations and business stakeholders to evaluate risk and determine outcomes• Partner with application, platform, and business teams to define paths to compliance, including remediation, onboarding to approved services, or decommissioning• Track and report Shadow IT metrics, including blocking trends, unblock volumes, escalation outcomes, incidents, and stakeholder satisfaction.• Work side by side with other team members to build and mature the Shadow IT governance process, while taking lead ownership of defined processes such as: - Escalations and exception handling - Cross functional coordination - Technical impact assessment - Policy alignment and enforcement • Build and operationalize a next generation Shadow IT governance model that provides transparency, consistency, and defensibility across the enterprise• Develop a way to automatically tag approved apps• Work with stakeholders to ensure all browser types experience is consistent (notifications, blocks, etc)• Work with stakeholders to ensure All About You• Experience operating or designing security governance or enforcement programs in large, complex environments• Strong understanding of information security, data protection, and risk management, particularly as applied to SaaS and third party technologies• Demonstrated ability to make and defend risk based decisions that balance security, policy, and business impact• Experience working cross functionally with Legal, Privacy, Compliance, and Technology teams• Ability to clearly document decisions and articulate technical and business impact to diverse audiences• Strong verbal and written communication skills, including executive ready summaries• Demonstrated technical competency in security engineering through hands on experience or relevant qualifications• Design and implement data models and analytics frameworks to support Shadow IT blocking decisions, escalation tracking, and governance reporting• Develop automated processes and dashboards to provide visibility into blocking activity, unblock requests, escalation outcomes, and trend analysis• Evaluate and integrate data sources (e.g., SaaS discovery tools, cloud telemetry, intake systems) to ensure accurate and timely Shadow IT decisioning data• Analyze and interpret complex datasets to identify risk patterns, repeat offenders, policy gaps, and opportunities for control improvement• Perform completeness and quality assessments to validate Shadow IT enforcement coverage and identify governance gaps or process breakdowns• Demonstrated ability to perform data analysis across security policies and technology usage to identify trends, assess risk, and inform governance decisions, including the capability to quickly learn and operate tooling used to manage product roadmaps and evaluate scoring criteria for alignment with Mastercard's risk appetite. Required Skills• Data security and governance (in depth knowledge)• Information security engineering• Risk assessment and decision frameworks• Policy interpretation and enforcement• Cross functional coordination and escalation managementAdditional Nice to Have• Experience with SaaS security posture management (SSPM), CASB, or DSPM• Familiarity with enterprise intake, exception, or risk acceptance processes• Cloud security experience• Automation or data analytics experience• Alteryx (or equivalent ETL), PowerBI (or equivalent visualization), PowerAutomate, etc experience is a plus• Application development experience is preferred, including the ability to develop scripts, work with APIs, and leverage AI capabilities in support of Shadow IT initiatives.Relevant Previous Experience• Security Engineering• Security Governance or Risk Management• Cloud or SaaS Security Engineering• Technology Risk or Security ConsultingOther Key Words Shadow IT, Blocking Strategy, Escalation Management, SaaS Risk, Data Protection, Third Party Risk, Governance, Metrics, Policy Enforcement Mastercard Corporate Security Roles have been aligned with the NICE framework (National Initiative for Cybersecurity Education). For this role the NICE Work Roles most closely aligned are: Cybersecurity Architecture, Secure Systems Development, Security Control Assessment, Systems Security Management, Technology Research and Development. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: - Abide by Mastercard's security policies and practices; - Ensure the confidentiality and integrity of the information being accessed; - Report any suspected information security violation or breach, and - Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.

Title: Program Coordinator & Research Assistant - Chair on India and Emerging Asia Economics Location: Washington, DC ID:1784-233 Full-Time/Regular Job Description: JOB SUMMARY: The Center for Strategic and International Studies (CSIS) is a non-profit, bipartisan public policy organization established in 1962 to provide strategic insights and practical policy solutions to decision makers concerned with global security and prosperity. Over the years, it has grown to be one of the largest organizations of its kind, with a staff of some 200 employees, including more than 120 analysts working to address the changing dynamics of international security across the globe. The CSIS Chair on India and Emerging Asia Economics aims to unlock the full potential of U.S. partnerships with India and the broader Asia region. While continuing to lead the Center's work on India, the Chair has expanded to include emerging economies across Asia, fostering U.S. economic security, economic development, and deepening business engagement between these countries and the United States. We remain the leading authority on state-level political-economic issues in India and have spearheaded multiple funded projects to enhance subnational engagement. We work towards building stronger ties between Indian policymakers and other nations in the Global South. Our work is very action oriented. Our team works in the office Monday-Thursday. Fridays are an optional "work from home" day, though we may shift to 5-day office weeks at some point in the future. CSIS is seeking a Program Coordinator/Research Assistant (PCRA) for the India Chair, a specialized role requiring expertise in policy research, program management, strategic communications, and engagement with Indian states. Interest/experience in power grids, energy efficiency, energy storage, and electric mobility and/or engagement with Indian states in other sectors is desirable. The ideal candidate: - Has experience in conducting policy research on highly technical topics - Has experience in engaging officials in India and maintaining contacts over time - Has experience managing different workstreams such as event implementation, travel coordination, contact management - Has the ability to be proactive and can work independently with minimal instruction - Have some domain knowledge in power grids, energy efficiency, energy storage, and electric mobility in the context of Indian states - Has experience assisting with fundraising efforts, including but not limited to preparing and editing fundraising proposals and engaging with prospective donors - Have excellent executive writing skills - Proficiency in Hindi and/or an additional Indian language. The role pays between $55,000 and $62,000, depending on the candidate's experience. ESSENTIAL DUTIES AND RESPONSIBILITIES: Policy Research and Analysis: - Conduct in-depth policy research and gap analysis on power grids, energy efficiency, energy storage, and electric mobility in the context of Indian state policies. - Co-author reports and assist with policy research and report writing, contributing directly to the development of actionable policy recommendations. - Draft and contribute to research publications, articles, and reports that reflect a deep understanding of Indian state-level policy issues and are intended for distribution to policymakers and donors. Strong executive writing skills are essential. India Chair Events, Roundtables, Forums and Workshops: - Lead the planning and execution of high-level public events, climate leader forums, roundtables, workshops, and smaller strategic meetings, including in-person and virtual engagements between Indian and U.S. officials hosted by the India Chair. - Manage travel logistics for delegation visits (6-10 people) Strategic Communications and Stakeholder & Donor Engagement: - Cultivate and maintain relationships with U.S. and Indian state-level policymakers. This includes leveraging prior fieldwork experience, multilingual communication skills, and an understanding of both cultural and governmental nuances in these interactions. - Engage in cold outreach and follow-up with foundations, NGOs, and Indian and U.S. officials to expand the program's network. - Assist with fundraising and developing outreach strategies to procure funding for new initiatives and broaden the India Chair's influence. - Assist with the coordination of MOU signings, drafting donor reports, preparing and submitting grant renewal documents and funding proposals, and preparing expense reports to ensure compliance with donor policies. Program Coordination: - Manage competing priorities and provide administrative support to multiple India Chair current and upcoming projects. - Track project deliverables and inform the project lead/Chair of upcoming deadlines. KNOWLEDGE, EDUCATION, AND EXPERIENCE: - Must have a minimum bachelor's degree in public policy, international relations, or related field. - Strong qualitative and quantitative research and analysis skills. - Must be very comfortable consistently engaging stakeholders in India outside of traditional work hours, including early mornings and late nights. - Proficiency in Hindi (required) and/or other Indian language is highly preferred. - Knowledge of subnational and national governance structures in India and the U.S. is required. Prior fieldwork in India and experience engaging Indian states stakeholders is preferred - Interest/comfort in working on policy issues related to the energy sector - Must have strong communication, interpersonal, analytical skills, organizational and project management skills. - Must be detail orientated - Software proficiency in Microsoft Suite (Outlook, Excel, SharePoint, OneDrive, Teams), Salesforce, Pardot, Concur, and Asana. - Computer and mobile phone/technology sufficient to work from home. - Experience with research tasks - Must be eligible to work in Washington, DC, and commit at least 35 hours per week. - Must have the ability to work independently with minimal oversight. - Must be willing to travel to India for project-related work, including travel to India's state capitals. - Must have demonstrated experience managing competing priorities and multiple projects under tight deadlines. PHYSICAL REQUIREMENTS AND WORK CONDITIONS: - This position will be based out of our Washington DC headquarters and is expected to be in-office 4+ days per week. The physical demands are representative of those that must be met by an employee working in an office environment. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential job functions. - Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Equal Opportunity Employer. OUR BENEFITS: Medical insurance Dental insurance Vision insurance Life insurance Short-term and long-term disability 403(b) for retirement planning: Tuition Assistance, Flexible Spending Account, Health Savings Account, Military Leave, 12 Paid Holidays, Sick Leave, Vacation leave

Role Description This is a remote position. The Junior Blue Team Analyst Internship Program at EncryptEdge Labs offers a dynamic, hands-on experience for aspiring cybersecurity professionals. During eight weeks, interns will engage in practical challenges that cover various aspects of cybersecurity defense. - Starting with foundational knowledge in cybersecurity, system hardening, and secure configurations. - Progressing through advanced topics such as incident response, digital forensics, network defense, and security monitoring. - Exploring specialized areas like cloud security, mobile security, data protection, and endpoint detection and response (EDR). - Completing capstone projects and receiving career development guidance to transition into professional roles in cybersecurity. Qualifications - Strong passion for cybersecurity, especially in defensive security and incident response. - Consistency in meeting deadlines and completing tasks with attention to detail. - Strong documentation skills to create clear and structured reports. - Effective communication skills for collaboration with mentors and peers. - A degree in Computer Science, Cybersecurity, or a related field is preferred but not mandatory. - Basic understanding of networking fundamentals and operating systems (Windows/Linux). - Familiarity with cybersecurity principles, including threat detection and incident response, is a plus. - Preferred certifications: Blue Team Level 1 (BTL1), CompTIA IT Fundamentals (ITF+), Splunk Fundamentals 1. Requirements - Basic knowledge of log analysis, threat hunting, and incident response. - Familiarity with endpoint protection tools and malware detection techniques. - Understanding of security monitoring practices and alert management workflows. - Hands-on experience with ELK Stack (ElasticSearch, Logstash, Kibana) for log management. - Experience with Suricata and Snort for intrusion detection and network analysis. - Knowledge of open-source tools like Security Onion for monitoring and threat detection. - Experience with Zeek for network traffic analysis. - Access to a computer and a reliable internet connection. - Ability to establish and maintain a secure work environment (guidance provided). - Completed courses or practical projects in cybersecurity, focusing on defensive roles. - Familiarity with real-world incident response workflows and defensive strategies. Benefits - Gain practical knowledge and skills in blue team cybersecurity, including system hardening, security monitoring, incident response, and advanced network defense. - Receive guidance on career development and opportunities to build a portfolio through capstone projects. - Participate in a global internship program, connecting with cybersecurity professionals from worldwide. - Earn a certificate of completion at the end of the internship, demonstrating your proficiency in blue team operations. - Interns who successfully complete the program will receive a letter of experience, outlining the skills and competencies developed during the internship. - Outstanding interns will receive personalized letters of recommendation from EncryptEdge Labs. - Enjoy the flexibility of a remote internship that allows you to work from anywhere. - Access support from experienced mentors and cybersecurity experts throughout the internship. - Top-performing interns may be recommended for job placements through our network of partners and clients, helping you kickstart your career in cybersecurity.

Role Description We seek a highly skilled and experienced Senior Security Engineer to join our dynamic team at Echelon Risk + Cyber, a leading cybersecurity consulting firm. This team member will be ready to roll up their sleeves and identify opportunities for our clients and for Echelon internally with unquestioned integrity. They will be passionate about cybersecurity and ready to use their knowledge to be an Entrepreneurial Problem Solver and work alongside their Echelon team members to build creative solutions. At Echelon, we believe learning never stops. You will have the opportunity to engage with systems that are at the cutting edge of technology and team members that will challenge you with meaningful work. We allow our team members to build from the ground up and make an impact across the organization. What You Will Do: - Implement and enforce security policies and procedures based on industry standards - Conduct regular security assessments, audits, and ensure compliance with security standards - Design and implement secure cloud solutions (Azure and AWS) - Utilize Cloud Security Posture Management (CSPM) technologies - Ensure the security of SaaS platforms, including email, file sharing, and 3rd party applications - Configure and manage security controls for servers and endpoints, including deploying and managing endpoint protection solutions - Implement security policies for Mobile Device Management (MDM) - Conduct regular vulnerability scans and automated penetration tests utilizing in-house tools and develop remediation plans for identified vulnerabilities - Implement and manage IAM solutions, including single sign-on (SSO) and privileged access management (PAM) - Ensure proper user provisioning and access controls - Lead technical implementations of data protection services, including Data Loss Prevention (DLP) solutions - Participate in the development and maintenance of disaster recovery plans and procedures - Review and ensure backups, redundancy, and replication solutions meet availability and recovery best practices, including performing regular recovery tests - Conduct security reviews, assessments, and hardening activities across key systems from endpoints, servers, network infrastructure, and Cloud services - Apply and enforce security configuration benchmarks (e.g., CIS, NIST) - Ensure compliance with regulatory requirements and industry standards - Implement and manage security information and event management (SIEM) systems - Deploy and maintain managed detection and response (MDR), intrusion detection systems (IDS), and intrusion prevention systems (IPS) - Configure and manage network security policies across perimeter and internal network equipment, including firewalls and wireless access points - Participate in incident response planning and tabletop exercises, and develop incident response plans and playbooks - Assist with the implementation and configuration of security awareness training programs and solutions - Work closely with clients to understand their security needs and provide tailored solutions - Collaborate with cross-functional teams to ensure security is integrated into all aspects of IT infrastructure, and develop technical security standards and operational procedures Qualifications - Bachelor's degree in Computer Science, Information Security, or related field - Relevant certifications: CCSP, CISSP, CEH, CISM, etc. - Experience working in managed IT or Security services (MSP or MSSP), handling numerous clients and environments simultaneously - Strong understanding of security technologies and frameworks - Excellent problem-solving and analytical skills - Strong communication and interpersonal skills - Applicants must have authorization to work in the United States without current or future visa sponsorship. Preferred Qualifications - Familiarity with regulatory requirements such as FFIEC, SOC 2, ISO 27001, GDPR, CMMC, HIPAA, PCI-DSS, etc. - Familiarity with popular security frameworks such as CIS, NIST, ISO, SOC2 - Experience with enterprise security technologies (firewalls such as Palo Alto and FortiGate, endpoint security tools such as CrowdStrike, SentinelOne, and FortiEDR) - Experience working in or with a Security Operations Center (SOC) - Experience participating in Security Assessments and Audit efforts - Familiarity with DevSecOps practices and tools - Ability to be agile and juggle multiple clients, initiatives, and priorities effectively - Skilled in gathering, assessing, and presenting technical security metrics and trends Benefits - Access to medical, dental, and vision insurance through Cigna, with the majority of the employee cost covered by the employer - Employer funding to HSA accounts and FSA access - Access to a 401(k) through Vanguard with a guaranteed employer contribution - Flexible vacation policy that allows you to manage your schedule and rest and recharge when you need to - 11 holidays with flexibility based on what is important for you and those you love - Family-friendly benefits, including weeks off for Maternity leave, weeks off for non-birthing parent leave, employer-paid short-term and long-term disability, employer-paid life insurance, and access to additional life insurance, hospital coverage, accidental coverage, discounted mental health support, and more - Support for individual development through certifications, continued learning, conferences, and more Company Description We value a diverse workforce and a culture of inclusivity and belonging. All employment decisions shall be made without regard to age, race, creed, color, religion, gender, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status, or any other basis as protected by federal, state, or local law. Echelon Risk + Cyber is an Equal Opportunity Employer.