Mastercard Logo

Mastercard

Lead Program Security Engineer

Reposted 2 Hours Ago
Be an Early Applicant
Remote or Hybrid
Hiring Remotely in Dublin
Senior level
Remote or Hybrid
Hiring Remotely in Dublin
Senior level
Lead security partner for Data Commercialization and AI programs. Advise product and engineering teams on secure design, embed security in the SDLC, lead security reviews (threat models, architecture, code), translate policies into actionable controls, and improve protections for sensitive data and ML models through tooling, automation, and risk management.
The summary above was generated by AI
Our Purpose
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Title and Summary
Lead Program Security Engineer
Overview
Mastercard's Business Security Enablement (BSE) team is seeking a seasoned Lead Security Engineer (L6) - Data & AI to serve as the primary security advocate and advisor for our Data Commercialization and Artificial Intelligence initiatives. The BSE team is a worldwide group of information security experts focused on helping Mastercard achieve its goals by ensuring that security is at the heart of everything we do. In this role, you will collaborate with technology, engineering, and business teams to integrate strong security practices into Mastercard's data-driven products and AI solutions. The ideal candidate possesses a high level of expertise in information security and secure engineering disciplines, enabling them to advise product and development teams on designing secure applications and services following industry best practices. You will apply deep knowledge of security principles, theories, and concepts throughout the business and development lifecycles. As an L6 Security Engineer, you are expected to take a lead security role in large, complex, global, cross-functional initiatives. You will work closely with developers and architects to evaluate business needs, determine feasibility, and recommend optimal security solutions that meet both security and regulatory requirements. Furthermore, you will champion a strong security risk culture across the organization, proactively managing risks in alignment with Mastercard's risk appetite and ensuring data and AI innovations are secure by design.
Role
As the L6 Data & AI Security Engineer, you will be responsible for a variety of critical security engineering and business enablement activities:• Security Partnership & Advocacy: Serve as the primary security partner for Data Commercialization and AI programs. Provide security risk guidance from discovery through deployment, and advise product, engineering, and operations teams on secure design and delivery of data-driven and AI-powered solutions.• Security Engineering Enablement: Translate Corporate Security policies, standards, and controls into actionable guidance for Data & AI teams. Partner with security champions and deliver targeted training. Maintain security dashboards/documentation and ensure requirements (secure coding, data protection, IAM controls) are embedded in the SDLC. Ensure adherence to security policy, regulatory requirements, and industry standards (e.g., PCI-DSS, privacy). • Collaboration & Leadership: Partner with Business Security Officers (BSOs) and act as a bridge between Corporate Security and Data/AI product teams. Work with engineering and architecture to improve security of code, data pipelines, cloud services, and AI solutions. Promote a security-first culture across the domain.• Security Reviews & Oversight: Lead key security governance for Data & AI work, including design/code reviews, Solution Architecture approvals, Threat Model reviews, Third-Party technology reviews, Technical Architecture Diagram approvals, Network as a Service approval, and vulnerability management support. Drive security user stories in PI Planning and ensure requirements are tracked to closure.• Innovation & Continuous Improvement: Monitor emerging threats and best practices across data analytics and AI. Partner with cross-functional teams to strengthen protection for sensitive data and ML models. Improve architectures and processes through standardization and automation of security controls and tooling.
All About You
The ideal candidate for the L6 Data & AI Security Engineer position will demonstrate a blend of deep technical expertise, leadership, and collaborative skills, including:• Extensive Security and Engineering Experience: Typically, 7-10 years in information security, with hands-on secure software development and secure architecture/design, including reviewing code/systems for vulnerabilities. Experience with cloud platforms, APIs, and distributed systems preferred.• Leadership and Collaboration: Proven ability to work effectively in a global environment, build strong relationships, and influence cross-functional and executive stakeholders across varying technical depth.• Security Knowledge and Technical Skills: Advanced knowledge of security principles, domains, protocols, and standards, with familiarity with ISO 27001, PCI-DSS, NIST SP 800-53, and COBIT. Strong grounding in risk management and data privacy for data analytics, digital commerce, and AI solutions, and experience designing secure, multi-domain architectures.• Cryptography Security: Strong experience with cryptography and network security, including encryption, hashing, key management, PKI/certificates, TLS/SSL, VPN, IPsec, and related protocols.• DevSecOps: Experience with DevOps/DevSecOps, including CI/CD and automated deployments, with security controls embedded throughout the SDLC.• Technical Domain Expertise: Proficiency with data technologies, analytics platforms, and AI/ML frameworks; experience securing data platforms and/or AI/ML models.• Business & Industry Acumen: Knowledge of the payments and e-commerce landscape and security considerations for data-centric and AI-powered products, including best practices for protecting data assets and algorithms and awareness of emerging threats.• Mindset and Soft Skills: Professional, proactive, and solutions-oriented, with strong problem-solving and continuous-learning mindset. Excellent communication skills to articulate security risks and mitigations to technical and business audiences, and comfort operating in a fast-paced, global environment.
NICE Framework References
The National Initiative for Cybersecurity Education (NICE) provides a framework of cybersecurity work roles and competencies. This Mastercard role shares knowledge, skills, and abilities (KSAs) with several NICE Framework work roles, including:• SP-DEV-002 (OPM622) - Secure Software Assessor• SP-ARC-002 (OPM652) - Security Architect• OV-SPP-002 (OPM751) - Cyber Policy and Strategy Planner
Corporate Security Responsibility
At Mastercard, every person working for or on behalf of the company is responsible for information security. All activities involving access to Mastercard assets, information, and networks come with an inherent risk to the organization. Therefore, it is expected that the successful candidate for this position will:• Abide by Mastercard's security policies and practices.• Ensure the confidentiality and integrity of the information being accessed.• Report any suspected information security violation or breach in a timely manner.• Complete all periodic mandatory security training courses in accordance with Mastercard's guidelines.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
  • Abide by Mastercard's security policies and practices;
  • Ensure the confidentiality and integrity of the information being accessed;
  • Report any suspected information security violation or breach, and
  • Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.

Similar Jobs at Mastercard

2 Hours Ago
Remote or Hybrid
Senior level
Senior level
Blockchain • Fintech • Payments • Consulting • Cryptocurrency • Cybersecurity • Quantum Computing
Lead an AI engineering team to develop, fine-tune, and deploy foundation models and generative AI for high-impact use cases. Drive end-to-end delivery from problem definition to production, ensure data and MLOps readiness, establish evaluation and responsible AI practices, and provide technical leadership and stakeholder alignment to deliver secure, scalable, measurable solutions.
Top Skills: Data EngineeringEmbeddingsFine-TuningGenerative AiMlopsModel EvaluationProduction DeploymentPromptingPythonPyTorchTensorFlowTransformer Models
2 Hours Ago
Remote or Hybrid
Senior level
Senior level
Blockchain • Fintech • Payments • Consulting • Cryptocurrency • Cybersecurity • Quantum Computing
Lead design and delivery of Product Excellence tooling and platforms, define scalable architectures (Power Platform, SharePoint, Dataverse), drive end-to-end delivery, enforce data governance, transition operating models from manual to automated, and develop cross-functional teams while championing innovation and standardised processes.
Top Skills: DataverseDecision TrackerEnterprise PlatformsLow-CodePower PlatformSharepoint
2 Hours Ago
Remote or Hybrid
Senior level
Senior level
Blockchain • Fintech • Payments • Consulting • Cryptocurrency • Cybersecurity • Quantum Computing
Lead Security Engineer in the Business Security Enablement guild advising product and operational teams on secure design, driving security reviews, documenting and enhancing standards, presenting technical guidance, leading security for large global initiatives, recommending secure solutions to meet regulatory requirements, and implementing automation, scripting, and Linux-based security administration.
Top Skills: Asymmetric EncryptionAudit LoggingCryptographyDigital CertificatesDmzFile Integrity MonitoringIds/IpsIpsecLinuxPrivileged Identity ManagementProgramming LanguagesScriptingSecure ArchitectureSecurity FrameworksSsl/TlsSymmetric EncryptionVpnWeb Application Security

What you need to know about the Edinburgh Tech Scene

From traditional pubs and centuries-old universities to sleek shopping malls and glass-paneled office buildings, Edinburgh's architecture reflects its unique blend of history and modernity. But the fusion of past and future isn't just visible in its buildings; it's also shaping the city's economy. Named the United Kingdom's leading technology ecosystem outside of London, Edinburgh plays host to major global companies like Apple and Adobe, as well as a growing number of innovative startups in fields like cybersecurity, finance and healthcare.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account