Lead Information Security Consultant in London

Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Mastercard is looking for a Lead Information Security Consultant based in either London, Dunstable or Harrogate. This exciting position within Vocalink builds strategic products used across the organization. The successful candidate will strongly influence product security and work with many stakeholders to ensure security is built into our services.

Responsibilities

• Deliver a quality service within the enterprise.
• Contribute to maturing the Security Consultancy team; building skills, improving consistency, and allowing scalability.
• Guide product and business teams on security best practices, and Corporate Security policies and procedures to ensure secure products are developed.
• Provide assurance that products are developed and deployed with the right balance of security to protect against threats to the business, built upon reliable processes and procedures.
• Develop and improve security standards and frameworks to meet the future needs of Mastercard.

Qualifications

• Strong security mindset and knowledge of current best practices, common exploits, and threat landscape.
• Broad security experience across a range of disciplines, with demonstrable experience implementing technology or business process solutions across software development, architecture, network security, assurance testing.
• Natural ability to negotiate with business to balance risk and security requirements with business opportunity, while ensuring ongoing compliance and regulatory needs.
• Ability to work with teams and manage expectations while building strong business relationships.
• Confident in providing technical guidance to team members for complex decisions including cryptography, network design, application security, data protection, identity and access management.
• Experience of security governance frameworks and producing required security outputs, including documentation and threat models over the course of projects.
• Experience working with a range of security standards such as ISO27001, NIST SP800-53, PCI-DSS etc.
• Motivated self-starter with agility, ability to manage ambiguity, deal with and anticipate change, while still meeting business objectives.
• Organisation of security assurance testing, using third party vendors.
• Proactive approach to helping develop the maturity of the security team’s capabilities.

Desirable Experience

• Relevant security certifications (CISSP, CISM, CSSLP, CISA).
• Experience of threat modelling and security risk assessment.
• Experience of Privileged Access Management, Secrets Management, PKI, Cryptography or Security Logging.
• Experience in the use of JIRA/Confluence.

Corporate Security Responsibilities

• Abide by Mastercard’s security policies and practices.
• Ensure the confidentiality and integrity of the information being accessed.
• Report any suspected information security violation or breach.
• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.