Information Security Engineer II-R-250956

Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title And Summary

Information Security Engineer II

• Overview
  
  
  

We are seeking a skilled and experienced security professional to manage and enhance our web application security infrastructure. The ideal candidate will bring expertise in application and network security, with a strong foundation in managing WAF platforms such as Imperva. This role requires a deep understanding of modern security frameworks, cloud environments, and incident response practices to ensure robust protection across systems.

• Role
  
  
  

Manage and optimize the Imperva Web Application Firewall (WAF) or similar platforms.

Conduct application security assessments aligned with OWASP Top 10 and other industry standards.

Administer and review AWS IAM policies, roles, and access controls.

Support and maintain firewall infrastructure, with an emphasis on Palo Alto Networks.

Collaborate with IT and security teams to manage secure network architecture including load balancers, routers, and virtualized environments.

Drive incident response efforts, including root cause analysis, documentation, and mitigation strategies.

Participate in infrastructure design reviews to enforce security best practices.

Engage in security governance and compliance activities, contributing to a secure SaaS and cloud-based operational environment.

• All About You / Experience
  
  
  

Proven experience managing Imperva WAF or similar web security platforms.

In-depth knowledge of OWASP Top 10, NVD databases, and CVSS scoring systems.

Strong background in application security testing and assessments.

Hands-on experience with AWS IAM, including creation of security policies and role-based access control.

Proficiency in core networking protocols and technologies: TCP/IP, HTTP, DNS, SSL/TLS, APIs, HTML, and JavaScript.

Familiarity with firewall systems, especially Palo Alto Networks.

Working knowledge of load balancing, network routing and switching, and virtualization platforms.

Demonstrated experience in security incident response, problem tracking, and reporting.

Understanding of IT infrastructure design with a security-first approach.

Exposure to AWS security controls and SaaS platforms is highly desirable.

Relevant certifications such as CISSP, AWS Security Specialist, or equivalent are preferred.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard’s security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.
  
  
  

R-250956