Mastercard logo
Mastercard

Founded in 1966, Mastercard is a worldwide transaction, payment-processing, and consulting company best known for its line of personal and business credit cards. As an employer, Ma

Principal Information Security Engineer - Blockchain Technology

Security EngineerSecurity EngineerFull TimeRemoteLeadTeam 38,800Since 1966

Location

Ireland

Posted

2 days ago

Salary

0

Seniority

Lead

English

Job Description

Principal Information Security Engineer - Blockchain Technology

Mastercard

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title and Summary Principal Information Security Engineer - Blockchain Technology Who is Mastercard? Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all. Mission First, People Always As Corporate Security, we are responsible for keeping Mastercard safe and secure from cyber and physical threats, and it is our people on the frontlines who make this happen every day. By taking care of our people, their wellbeing, and career development, we provide them the necessary tools and environment to ensure the success of our mission. Overview Mastercard is seeking a Principal Information Security Engineer to support Mastercard's Crypto Products and Solutions Blockchain Networks platforms. This role is ideal for a security leader who thrives in fast moving, high availability environments and is passionate about building secure, scalable, and resilient payment ecosystems. You will drive the security roadmap for the Crypto Products and Solutions Blockchain Networks program, partnering closely with engineering, product, and global business teams to ensure our blockchain services meet the highest standards of security, compliance, and customer trust. You will influence architecture, guide security-by-design practices, and help shape the future of Mastercard's international payment capabilities. Role As a Principal Information Security Engineer supporting Crypto Products and Solutions Blockchain Networks, you will: Security Architecture & Strategy• Influence and implement security requirements, standards, and architectural patterns for large scale, Crypto Products and Solutions Blockchain Networks platforms.• Define platform level security architecture and drive execution of long term security strategy for Crypto Products and Solutions Blockchain Networks.• Lead threat modelling, risk assessments, and security design reviews for high velocity, high availability systems. Engineering & Delivery• Support the design, testing, and implementation of complex security solutions aligned with regulatory, operational, and customer requirements.• Identify risks and propose compensating controls tailored to blockchain transaction flows and blockchain environments.• Partner with engineering teams to embed security into CI/CD pipelines, APIs, cloud services, and blockchain processing components. Leadership & Influence• Serve as a trusted advisor to engineering and business leaders across Crypto Products and Solutions Blockchain Networks programs.• Apply deep technical expertise to mentor and develop junior engineers and security practitioners.• Provide input into performance evaluations for team members and emerging talent. Stakeholder Engagement• Build and maintain strong relationships with business owners, product teams, engineers, project managers, customers, and senior leadership.• Translate security concepts into actionable guidance for diverse technical and non technical audiences.• Represent Corporate Security in Crypto Products and Solutions Blockchain Networks initiatives, regulatory discussions, and cross functional working groups. All About You You are an experienced security leader with a passion for enabling secure, blockchain services. You bring: Technical & Leadership Experience• Undergraduate degree preferably in computer science/information security or work experience equivalent of 10-15 years in information security disciplines.• Extensive IT experience demonstrating thought leadership and cross functional influence.• Proven success enabling business outcomes through strong technical decision making.• Experience influencing project teams and collaborating with business partners, vendors, and consulting organisations.• Excellent communication skills, with the ability to influence, negotiate, and drive alignment across global teams.• CISSP/CISM or industry recognised security certification an advantage. Security Engineering Expertise• Strong background in information security engineering, including risk identification and compensating control design. • Knowledge of blockchain security principles and ability to reflect them as security requirements• Strong understanding of cryptography concepts e.g. symmetric/asymmetric encryption, hashing, digital signatures, including their application in blockchain technologies• Experience supporting or securing blockchain solutions, is highly beneficial.• Experience in Secure-SDLC processes and their support across development teams highly beneficial Risk & Compliance Framework Expertise• Demonstrated experience working with risk based security and compliance frameworks, including SOC 2, PCI DSS, DORA, and the Cyber Risk Institute CRI profiles, or other relevant regulatory or industry standards.• Ability to understand, interpret and apply security related frameworks across complex technology environments.• Experience collaborating with audit, compliance, and regulatory teams to ensure alignment between security controls, business processes, and external obligations.• Proven capability to assess control effectiveness, identify gaps, and drive remediation strategies that balance security, operational efficiency, and business needs. Corporate Security Responsibility Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must: • Abide by Mastercard's security policies and practices;• Ensure the confidentiality and integrity of the information being accessed;• Report any suspected information security violation or breach, and • Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: - Abide by Mastercard's security policies and practices; - Ensure the confidentiality and integrity of the information being accessed; - Report any suspected information security violation or breach, and - Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.

Related Categories

Related Job Pages

More Security Engineer Jobs

Role Description Our Information Security team protects Revolut's systems, data, and people. They combine technical expertise with a proactive, risk-based mindset to stay ahead of threats and keep our technology and customers secure at every step. We're looking for an Information Security Manager to collaborate with regulators, management, and the Risk and Compliance team to oversee all things related to information security. You'll ensure proper documentation and reports are accurate and compliant. Up to shape what's next in finance? Let's get in touch. What you'll be doing - Managing information security policies and advising on and/or implementing these policies into practical, actionable procedures to ensure compliance - Reporting and communicating InfoSec risk and compliance matters to both internal and external stakeholders - Acting as an advisory function on cross-functional security risk and compliance topics - Drafting, supporting, and peer-reviewing responses to regulatory RFIs - Ensuring InfoSec services are delivered consistently and to a high standard across functions - Identifying gaps in policies or processes by assessing risk, compliance, control management, and service quality, and driving process or control improvements to remediate them Qualifications - 3+ years of information security management experience in financial services, banking, and/or payments - Fundamental knowledge of information security governance, risk management, and compliance management - An understanding of information security controls across domains and how they operate - Excellent analytical, problem-solving, and decision-making skills - Impressive communication, negotiation, and stakeholder management skills Nice to have - Relevant information security certifications (CISSP, CISM, CRISC, CISA) - Knowledge of building SQL queries for business intelligence/management information Compensation range - US: $224,100 - $249,000 gross annually* - Other locations: Compensation will be discussed during the interview process - *Final compensation will be determined based on the candidate's qualifications, skills, and previous experience Important notice for candidates - Only apply through official Revolut channels. We don't use any third-party services or platforms for our recruitment. - Always double-check the emails you receive. Make sure all communications are being done through official Revolut emails, with an @revolut.com domain. - We won't ask for payment or personal financial information during the hiring process. If anyone does ask you for this, it's a scam. Report it immediately.

United States
$224.1K - $249K / year
Leidos logo

Information System Security Officer / Information System Security Engineer

Leidos

Leidos is an innovation company rapidly addressing the world’s most vexing challenges in national security and health.

Full TimeRemoteTeam 10,001+Since 1969H1B Sponsor

Role Description The DoW Healthcare Management System Modernization (DHMSM) Program is looking for an experienced ISSO/ISSE to join our cyber team in support of the continued development, sustainment, and deployment of the Military Health System (MHS) GENESIS system. MHS GENESIS is deployed globally to over 3700 locations at 138 Medical Treatment Facilities (MTFs), serving 190K users, providing 1100+ clinical workflows delivering medical electronic health record (EHR) capabilities for nearly 10M beneficiaries. The ISSO supports the Cybersecurity Leads with all Risk Management Framework (RMF) Authorization and Sustainment related functions to include: - Maintaining RMF Authorizations for all assigned ATOs including any required IATT, ATO, ASR, RA and ConMon related activities. - Primary cybersecurity review of system architecture and technical artifacts (to include PPSM, diagrams, STIGs, compliance evidence, and policy documentation). - Developing, updating and working with Cybersecurity Leads and LPDH partners to ensure implementation of cybersecurity policies and procedures. - Ensuring assigned systems meet requirements to obtain required authorizations and approvals including IATT, ATO, and ASRs from the assigned Authorizing Official (AO). - Understanding all DOW and DHA RMF policies, procedures, and guidance and keeping up with all changes. - Ensuring eMASS record is maintained in accordance with DHMHSM and DHA requirements. - Assisting with the development of templates and recommending other tools to support risk management and ATO activities, as needed. - Working with CyberOps to ensure all assets are scanned properly and that any scan issues are resolved in a timely manner. - Tracking all issues. - Developing and Maintaining Plans of Action and Milestones (POA&Ms) and Risk Acceptances for all assigned ATOs. - Tracking vulnerability remediation statuses and POA&M closures on a weekly basis for metrics reporting. - Periodically evaluating the effectiveness of all Assessment Procedures for RMF security controls to ensure operational security posture is maintained. - Supporting cybersecurity compliance assessment efforts by providing systems engineering and documentation support. - Ensuring all DoW and DHA cybersecurity-related documentation is current and accessible to properly authorized individuals. - Assisting Cybersecurity Leads in ensuring the project meets identified milestones and requirements. - Contributing to the development of cyber strategies and any associated documentation. - Ensure all users have requisite security clearances and access authorization. - Provide Subject Matter Expertise for customer inquiries. Qualifications - BS degree and 8-12 years of prior relevant experience. - US Citizen with Active Secret Clearance or higher – required. - Minimum of 5 years’ hands-on experience on Defense Health Agency projects in a cybersecurity role. - DoW 8570 Certification. - Proficiency in eMASS. - Prior experience with DoW Accreditation and tools such as eMASS, ACAS, CMRS and HBSS. - Knowledge of networks, cyber defense toolsets and processes. - Strong understanding of related technologies and significant knowledge of networking technologies, operating systems, and security tools, tactics, techniques, and procedures. - Attention to detail. - Excellent written and verbal communication skills. - Experience with network and network security assessments and documenting the results using NIST SP 800-53A (Rev 5). - Strong ability to document recommendations to correct security weaknesses resulting from security assessments. - Experience developing network and network security policies and system security documentation and procedures. - Experience with DoW Information Assurance Vulnerability Management (IAVM) Program. - Experience with Cloud. - Experience with Containers. - Scripting knowledge: PowerShell, Python, Shell Scripting. Requirements - PMP Certification. - A high degree of proficiency in eMASS. - DHA A&A Experience. - Proficiency in ACAS/NESSUS, SCAP. - Experience with Cloud. - Experience with Containers. - Experience with the DoW Information Assurance Vulnerability Management (IAVM) Program. Benefits - Pay Range: $107,900.00 - $195,050.00. - The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. - Additional factors considered in extending an offer include responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

United States
$107.9K - $195.1K / year
NTT Ltd. logo

Senior Principal Security Services Sales Specialist

NTT Ltd.

NTT DATA is a $30+ billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. As a Global Top Employer, we have experts in more than 50 countries and offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners.

Full TimeRemoteTeam 10,001

Role Description The Senior Principal Security Services Sales Specialist is a highly skilled and advanced subject matter expert and is a quota-bearing sales persona. This go-to-market role has the primary responsibility to work with services teams to identify, develop, and close managed service and outsourcing deals. - This is a services expert role, recognized as the client’s trusted cloud managed services advisor. - Applies consulting led sales skills to engage and close opportunities with decision-makers. - Works directly with clients at a variety of levels, as well as other internal sales and delivery expert teams. - Champions the delivery teams’ understanding of the client’s solution requirements. - Initiates improvement programs ensuring that the client remains committed to solutions. - Focuses on converting the client to a managed services client resulting in multi-year renewals. - Partners with some of the biggest global organizations helping them convert to new business models. Qualifications - An in-depth understanding of cybersecurity concepts, threats, and common vulnerabilities. - Familiarity with a wide range of security solutions and best practices for securing networks and systems. - Expertise in positioning service offerings across Managed Services, Support Services, Consulting Services, and Technical Services. - Strong knowledge of IT infrastructure components such as servers, storage, virtualization, and data centers. - The ability to articulate the value of standardized, centralized, and optimized services from a business outcome perspective. - Significant business acumen with the ability to conduct strategic client conversations involving financial metrics. - Proven problem-solving skills and a client-centric approach. - Excellent negotiation skills to craft beneficial solutions for both the client and the company. - A bachelor's degree in a technical or sales field, or equivalent experience. Requirements - Ensures the generation of demand and selling Security Managed Services solutions. - Guides on addressing objections that a client may pose in moving to a managed services solution. - Guides on allocating and deciding sales time between assigned clients and new prospect opportunities. - Works cross-functionally with partners and/or vendors to drive select deals through vendor-based opportunities. - Advises on regional sales governance processes and deal clinics to profile opportunities. - Owns the maintenance of a high level of relevant service knowledge to have meaningful conversations with clients. - Owns the build and supports commercial solutions for Managed Services solutions. - Guides on managing a pipeline of opportunities and creating a shared strategy to meet sales targets. - Develops and owns the implementation of an opportunity plan. - Advises on the negotiation of deals with clients and leads the internal account management team. - Leads on regional reporting cadence as it relates to regional performance and major deal reviews. Benefits - Medical, dental, and vision insurance with employer contribution. - Flexible spending or health savings account. - Life and AD&D insurance. - Short and long term disability coverage. - Paid time off. - Employee assistance program. - Participation in a 401k program with company match. - Additional voluntary or legally-required benefits.

United States
$115K - $213K / year
Rappi logo

Senior Incident Response Engineer

Rappi

For more information check our website here and check our reviews on Glassdoor here . We are waiting for you to build and deliver the magic together!

Full TimeRemoteTeam 1,001-5,000

Role Description Buscamos un Senior Incident Response Engineer para liderar la gestión, investigación y contención de incidentes de seguridad en un entorno 100% cloud. Esta persona será clave en la respuesta a amenazas avanzadas, análisis forense digital y la mejora continua del proceso de IR, aprovechando herramientas potenciadas por inteligencia artificial para acelerar la detección. As part of Rappi, you will be responsible for: - Trabajarás de forma autónoma en un equipo distribuido globalmente, con alto impacto en la postura de seguridad de la organización. Responsabilidades - Liderar la respuesta a incidentes de seguridad de alta criticidad en entornos cloud (AWS, GCP, Azure) de punta a punta: detección, contención, erradicación y recuperación. - Realizar análisis forense digital (DFIR) en infraestructura cloud, contenedores (Kubernetes, Docker) y endpoints. - Desarrollar y mantener playbooks de IR automatizados integrando IA/ML para detección y triaje inteligente. - Implementar y optimizar plataformas SOAR con capacidades de IA generativa para acelerar tiempos de respuesta. - Colaborar con equipos de Blue Team y Red Team para correlacionar indicadores y mejorar la cobertura de detección. - Ejecutar análisis de malware (estático y dinámico) y threat hunting proactivo basado en hipótesis. - Gestionar la comunicación durante incidentes con stakeholders técnicos y ejecutivos. - Documentar hallazgos, métricas de incidentes (MTTD, MTTR) y lecciones aprendidas con foco en mejora continua. - Mentorear a engineers junior del equipo y participar en rotación de guardia (on-call). Qualifications - 5+ años de experiencia en Incident Response y/o Digital Forensics (DFIR). - Experiencia comprobable en forense cloud: AWS CloudTrail, GCP Audit Logs, Azure Sentinel/Defender. - Dominio de frameworks de referencia: MITRE ATT&CK, NIST IR (SP 800-61), PICERL. - Experiencia con SIEM/SOAR: Splunk, Elastic, Google Chronicle (SecOps), Palo Alto XSIAM, IBM QRadar. - Scripting y automatización: Python, Bash, PowerShell. - Experiencia con análisis forense en contenedores y Kubernetes. - Manejo de herramientas forenses: Volatility, Autopsy, OSQuery, Velociraptor. - Familiaridad con IA aplicada a seguridad: triaje asistido por LLMs, detección de anomalías con ML, pipelines de enriquecimiento automático de alertas. Requirements - Certificaciones: GCFE, GCFA, GCIH, GREM, AWS Security Specialty. - Experiencia con threat intelligence platforms: MISP, OpenCTI, ThreatConnect. - Contribuciones a proyectos open source de seguridad (herramientas, reglas de detección, playbooks). - Experiencia en respuesta a APTs, ransomware o brechas a gran escala. - Conocimiento de regulaciones y compliance: SOC2, ISO 27001, PCI-DSS, GDPR. Benefits - Capacidad para tomar decisiones críticas bajo presión en situaciones de alta incertidumbre. - Comunicación clara y efectiva con audiencias técnicas y no técnicas, en formato async/escrito. - Mentalidad de mejora continua: cada incidente es una oportunidad para fortalecer el sistema. - Autonomía y responsabilidad en entornos de trabajo 100% remotos y distribuidos.

Worldwide