Mastercard logo
Mastercard

Founded in 1966, Mastercard is a worldwide transaction, payment-processing, and consulting company best known for its line of personal and business credit cards. As an employer, Ma

Security Engineer (Threat Detection & Response)

Security EngineerSecurity EngineerFull TimeRemoteMid LevelTeam 38,800Since 1966

Location

Mexico

Posted

1 day ago

Salary

0

Seniority

Mid Level

English

Job Description

Security Engineer (Threat Detection & Response)

Mastercard

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title and Summary Security Engineer (Threat Detection & Response) Overview The Security Threat & Response Management (STRM) program within Mastercard's Corporate Security organization seeks a Security Engineer II for the Defend Product team to help execute our prevention-focused security control strategy. The ideal candidate will demonstrate initiative, strong analytical abilities, technical expertise in cybersecurity, and a proactive approach to problem-solving. This position is instrumental in defining and advancing the roadmap and strategy for the program's core security tools and defenses. We are seeking a technically skilled professional who actively tracks emerging security trends and threats, applies advanced knowledge of security technologies, and facilitates innovation to enhance resilience throughout our environments. Effective interaction with internal STRM teams and other groups inside and outside of Corporate Security is an essential aspect of this role. Strong documentation and communication skills with the ability to manage complex discussions are also required. Responsibilities• Implement the strategic technical roadmap for the 'Defend' product team as defined by the Defend Product Owner, which covers defensive security controls, platforms, capabilities and configurations across dozens of security tools and including EDR, DLP, Email Security, SIEM, SOAR, XDR, NGFW, UEBA, NDR, and more.• Contribute to and execute on the Defend roadmap by translating security strategy and requirements into well-defined technical initiatives and deliverables.• Act as a technical lead for the Defend feature team, helping prioritize work, sharing expertise with other engineers, and ensuring consistent engineering standards and outcomes.• Collaborate with stakeholders across engineering, endpoint, identity, cloud, and SecOps teams to implement and optimize security controls.• Translate security requirements, risk policies, and threat models into actionable engineering work items and backlog-ready initiatives.• Lead and participate in security capability assessments, providing recommendations to product and program leadership.• Configure, integrate, and optimize security tooling (e.g., EDR/XDR, NGFW, IDS, DLP, Application Control) in alignment with defined objectives and initiatives.• Monitor control effectiveness and participate in continuous tuning of policies and detections to reduce friction while increasing coverage and fidelity.• Ensure implementations align with internal security standards, regulatory requirements, and industry best practices. All About You The ideal candidate for this position should:• Bachelor's degree in computer science, Cybersecurity, Information Technology, Engineering, or a related field. • 2-3 years of hands-on experience in cybersecurity, security operations, incident response, detection engineering, threat hunting, or related security disciplines. • Be a hands-on Security Engineer with experience across multiple security domains and SecOps functions such as Security Operations, Security Engineering, Incident Response, Detection Engineering, Threat Hunting, and Insider Threat in a large, complex enterprise environment. • Have experience working within Agile or hybrid delivery models, contributing to backlog refinement, sprint execution, and cross-team coordination. • Be skilled at translating complex security requirements into clear, implementable technical designs and work items. • Be comfortable working directly with security tooling, including configuring access controls, tuning detections, integrating telemetry, and supporting detection lifecycles. • Demonstrate strong technical communication skills, with the ability to explain designs, trade-offs, and outcomes to both technical and non-technical stakeholders. Additional capabilities that will set you apart:• Experience implementing proactive security controls, working with modern security platforms, and tooling.• Hands-on experience integrating and operationalizing advanced threat intelligence within security tools, controls, and platforms.• Hands on experience with leveraging Agentic AI to modernize security operations.• Strong understanding of modern SecOps concepts such as attack surface reduction, response automation, posture management, zero trust, and cloud-native security.• Familiarity with common regulatory and security frameworks (e.g., NIST, ISO, MITRE ATT&CK, D3FEND, PCI).• Proven ability to collaborate effectively with SOC, IR, Engineering, and platform teams to deliver shared outcomes.• A mindset of continuous improvement, with a passion for optimizing security tooling and processes through engineering excellence.• Hands on experience with configuration and optimization of the Microsoft Security ecosystem of tools including XDR, Sentinel, Security Copilot, and Defender for Endpoint.• Security platform administration with experience in building, configuring, tuning, and optimizing security policies and controls. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: - Abide by Mastercard's security policies and practices; - Ensure the confidentiality and integrity of the information being accessed; - Report any suspected information security violation or breach, and - Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.

Related Categories

Related Job Pages

More Security Engineer Jobs

ORAEX CLOUD CONSULTING logo

Mid-level Cybersecurity Analyst – AppSec

ORAEX CLOUD CONSULTING

Data Management • Cloud • DevOps • Observability

Full TimeRemoteTeam 51-200Since 2012H1B No Sponsor

• Implement and evolve Cybersecurity practices with a focus on DevSecOps, Application Security (AppSec) and security process automation; • Support the integration of security controls into CI/CD pipelines (Jenkins, Azure DevOps and GitLab), contributing to SSDLC adherence and continuous improvement of secure development processes; • Perform security analyses, tests and validations on applications, identifying vulnerabilities and supporting their remediation with development teams; • Develop and maintain automations in Python and/or Shell Script to optimize Cybersecurity activities, including metric collection, report generation and tool integrations; • Support initiatives applying Artificial Intelligence and LLMs in security processes, contributing to analysis, information correlation and automation of operational activities; • Work together with AppSec, CTU, Risk Remediation, Development and Infrastructure teams to implement security improvements and follow up on technical requests; • Analyze vulnerabilities identified by SAST, SCA, DAST and infrastructure scanners, supporting risk prioritization and remediation; • Produce metrics, dashboards and operational and management reports related to Cybersecurity initiatives and processes; • Contribute to area projects and initiatives, participating in the definition and implementation of technical solutions aligned with security best practices.

Brazil
ContractRemoteTeam 51-200

• Collaborate effectively with cross-functional teams to assess, document, and communicate security risks and mitigation strategies. • Perform the scanning procedures required for the comprehensive security assessments in alignment with FedRAMP, BSI IT-Grundschutz, and other international regulatory frameworks • Provide clear, actionable recommendations to improve security posture based on assessment findings, industry best practices, and compliance requirements. • Support the development and continuous refinement of security assessment methodologies and documentation. • Analyze and validate security controls across multiple cloud providers like OpenStack (AWS, Azure and GCP also accepted)

United States

Disaster Recovery & Cyber Security Resilience Engineer

UChicago Medicine

We’ve been at the forefront of medicine since 1899. We provide superior healthcare with compassion, always mindful that each patient is a person, an individual. To accomplish this, we need employees with passion, talent and commitment… with patients and with each other. We’re in this together: working to advance medical innovation, serve the health needs of the community, and move our collective knowledge forward. If you’d like to add enriching human life to your profile, UChicago Medicine is for you. Here at the forefront, we’re doing work that really matters. Join us. Bring your passion.

Role Description Join a world-class academic healthcare system, UChicago Medicine, as a Disaster Recovery & Cyber Security Resilience Engineer in our Information Security department. This is a remote, work from home opportunity, and you may be based outside of the greater Chicagoland area. The Disaster Recovery & Cyber Security Resilience Engineer is responsible for the technical execution of disaster recovery and cyber resilience processes aligned with operational goals of the disaster recovery and cyber resilience program across the health system. This hands-on role focuses on technical recovery expertise while collaborating with application owners, infrastructure teams, and business teams to develop and update technical disaster recovery plans for critical applications and infrastructure. This role will be involved with implementing, maintaining, and testing disaster recovery systems and downtime solutions. It will validate application recovery processes and confirm they are properly backed up and protected according to organizational policies and procedures to ensure the health system’s critical technology infrastructure remains operational and protected against disruptions. This role will act as a trusted advisor to the Assistant Director to provide guidance with identified recovery gaps, implement technical recovery improvements, and evaluate emerging technologies and methods to improve disaster recovery capabilities. - Create and maintain standardized technical recovery procedures for critical systems outlining processes for data backup, system restoration, and operational continuity in case of a technology or cybersecurity emergency. - Implement the disaster recovery and cyber resilience program framework on recovery procedure development and testing to monitor compliance with regulatory, legal, and organizational requirements for disaster recovery planning. - Assist with coordinating and participating in regularly conducted disaster recovery and cyber security resiliency drills and efforts for the health system to assess preparedness and identify areas for improvement. - Track reported issues and update technical documentation based on test results to continuously improve technical processes and workflows of recovery. - Identify recovery process improvements and evaluate emerging technologies to improve disaster recovery capabilities and develop comprehensive disaster recovery plans. - Other duties as assigned. Qualifications - Bachelor's degree required in Information Security, Computer Science, Information Technology, or a related field; master’s degree favored. Will consider years of experience in lieu of degree. - 5 years of relevant experience in backup and replication technologies (i.e. Veeam) used in clinical, research, and education in healthcare. - 5 years of relevant experience with incident response serving as a primary technical contact during disaster events, coordinating recovery efforts with internal and external vendors. - 5 years of experience in infrastructure engineering with a specific focus on business continuity or cyber resiliency. - Demonstrated proficiency with HIPAA Security, NIST, and other relevant healthcare regulations and standards. - Ability to collaborate with technical teams and develop disaster recovery procedures for critical clinical applications running across multiple operating systems, databases, and cloud platforms. - Knowledge of various recovery strategies and methods utilized during recovery. - Ability to coordinate efforts with infrastructure team to execute regular DR testing, including failover simulations and data restoration to identify and remediate gaps. - Proven ability to build positive team relationships with all levels of the enterprise and across a diverse set of departments. - Skilled in project management and work plan development and implementation. - Knowledge and ability to direct a team in integrating information technology services with the work requirements and deliverables of units and departments. - Effective oral and written communication skills and interpersonal skills. Requirements - Academic medical center and/or health care consulting experience strongly preferred. - Current Certified Disaster Recovery Engineer (CDRE) designations or ability to obtain is strongly preferred. Position Details - Job Type/FTE: Full-time - Shift: Days - Location: Remote - Department: Information Security - CBA Code: Non-Union

United States
$117.5K - $137K / year
First Citizens Bank logo

Cyber Security Architect

First Citizens Bank

First Citizens Bank offers a full line of financial services and focuses on individuals, as well as small to medium-sized businesses. As an employer, the compan

Role Description This is a remote role that may be hired in several markets across the United States. Remote with ability to travel to Raleigh, North Carolina, Phoenix, Arizona or Morristown, New Jersey, on an as needed basis. This position is responsible for delivering architecture intent to enterprise stakeholders and the Information Security organization at-large, that ensures the secure realization of business initiatives in a manner consistent with the Bank’s current and future risk appetite. - Security Strategy: Assists in designing and implementing security strategies for assigned subject matter domain (e.g., Identity and Access Management, Compute) and Information Security, at-large based on knowledge of the assigned-domain; bank policies and standards; current, and anticipated, regulatory requirements; and expected threats and associated risks. - Security Architecture: Review existing and proposed architectures, identify security gaps – through threat modeling and/or technical risk assessment, and recommend changes and/or enhancements. Continuously enhance process(es) to drive scale, consistency, repeatability, to this end. - Solutions Architecture: As required, function as a solutions architect for security solutions; provide the initial solutions architecture, assist with foundational integrations, and lead the initial implementation of solutions. - Business Support: Serve as an Information Security subject matter expert, providing advisory and consulting services to stakeholders, as required. Effectively communicate to technical and non-technical audiences alike in both oral and written form. - Continuous Education: Maintains a strong knowledge of developments in information technology, developments in security technology, and emerging security threats. Utilizes knowledge to influence security strategy – e.g., identity technology capabilities needed to address threats; establish secure design patterns for emergent technologies. Qualifications - Bachelor's Degree and 8 years of experience in Information Technology including Information Security OR High School Diploma or GED and 12 years of experience in Information Technology including Information Security. - 4+ years of providing architecture and/or security architecture subject matter expertise in a large-scale enterprise environment. - Demonstrable experience with threat modelling (e.g., PASTA, STRIDE, DREAD) and technical risk assessment in an enterprise environment. - Familiarity with one or more Industry-standard security frameworks – e.g., NIST RMF, NIST CSF, COBIT, ISO, CIS, CSA CCM. - Familiarity with one or more Industry-standard architectural frameworks – e.g., TOGAF, DODAF, Zachman. - Familiarity with one or more cyber-attack taxonomies (e.g., CAPEC, ATT&CK). - Advanced Security Certifications, such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) are highly desirable. - Experience with scripting and/or programming. - Effective communicator, capable of effectively translating and presenting complex technical concepts to both technical and non-technical management and customers, through oral presentations and written media (white papers and demonstrations). - Exceptional interpersonal skills and a collaborative spirit that enables you to work effectively with stakeholders at all levels, agnostic of background. - Strategic planning and execution, with a talent for turning complex challenges into actionable solutions. - Strong analytical skills with high attention to detail and accuracy with the ability to use data-driven metrics to communicate change and risk reduction. - Large Financial Institution (LFI) experience. Requirements - This job posting is expected to remain active for 30 days from the initial posting date listed above. If it is necessary to extend this deadline, the posting will remain active as appropriate. Job postings may come down early due to business need or a high volume of applicants. - The base pay for this position is generally between $143,000 and $185,000. Actual starting base pay will be determined based on skills, experience, location, and other non-discriminatory factors permitted by law. For some roles, total compensation may also include variable incentives, bonuses, benefits, and/or other awards as outlined in the offer of employment. Benefits - Benefits are an integral part of total rewards and First Citizens Bank is committed to providing a competitive, thoughtfully designed and quality benefits program to meet the needs of our associates. More information can be found at https://jobs.firstcitizens.com/benefits .

United States
$143K - $185K / year