Senior Vulnerability Analyst

The Senior Vulnerability Analyst is accountable for supporting the vulnerability scanning capability within the Vulnerability Management function. This includes scanning platforms, ensuring timely and accurate vulnerability identification, and driving improvements to coverage, automation, reporting and overall scan effectiveness. The role acts as a subject‑matter expert for vulnerability scanning—ensuring vulnerabilities are accurately detected, communicated to stakeholders, and aligned with Mastercard’s broader security strategy. It also contributes to continuous improvement across the vulnerability management lifecycle.

Key Responsibilities

• Operations
  • Support the Vulnerability Scanning team.
  • Oversee daily scanning operations, ensuring accuracy, completeness and adherence to SLAs.
  • Ensure timely delivery of scan results, reporting, and escalations.
• Technology Ownership
  • Maintain the vulnerability scanning toolsets across infrastructure, applications, cloud and network environments.
  • Ensure scanning coverage remains complete and up to date across all assets.
  • Monitor scan performance, tune configurations, and optimize scanning processes.
  • Champion automation and integration with asset management tools.
• Governance, Controls & Standards
  • Maintain policies, standards and processes related to vulnerability scanning.
  • Ensure alignment with Mastercard security policies, regulatory requirements, and industry best practice.
  • Support audits, compliance reviews and evidence requests relating to scanning.
• Analysis, Reporting & Continuous Improvement
  • Provide expert interpretation of scan results, threat alerts and vulnerability intelligence.
  • Deliver high‑quality management information, dashboards and reporting to senior leaders.
  • Identify and drive continuous improvements in scanning effectiveness, coverage and process efficiency.
  • Propose enhancements to technology, workflows or methodologies based on metrics and stakeholder feedback.
• Collaboration & Stakeholder Engagement
  • Act as a point of contact for scanning‑related queries.
  • Partner closely with remediation teams, threat intelligence, engineering, and application teams.
  • Contribute to incident response and investigations where vulnerabilities are involved.
  • Represent the scanning function in cross‑functional projects and working groups.

About You

Experience & Expertise

• Demonstrable experience leading a vulnerability scanning or vulnerability management team.
• Strong technical expertise with enterprise vulnerability scanning technologies (e.g., Tenable, Qualys, Rapid7, Prisma, or equivalent).
• Strong understanding of network, cloud, application and container security principles.
• Experience implementing vulnerability management strategies, tools and process improvements.
• Solid understanding of malware behaviours, attack vectors, and exploit methodologies.

Skills (Technical)

• Excellent knowledge of security standards, frameworks and regulatory expectations.
• Strong analytical and problem‑solving skills.
• Ability to interpret vulnerability data and communicate in business‑friendly language.
• Strong understanding of network design, traffic flows, and firewall architecture.

Skills (Professional)

• Excellent communication and presentation abilities.
• Ability to prioritise and manage competing demands in a fast‑paced environment.
• Strong business acumen and ability to influence across technical and non‑technical teams.

Corporate Security Responsibilities

• Abide by Mastercard’s security policies and practices.
• Ensure confidentiality, integrity and appropriate use of information.
• Report any suspected security incidents or breaches.
• Complete required security training as mandated.