Lead Information Security Engineer
Overview
The Data Security team is focused on protecting Mastercard’s most critical asset—data—by establishing strong foundations in information classification and loss prevention and continuously improving our data security posture across enterprise, cloud, and hybrid environments.
This role will play a key part in advancing data security capabilities, including data classification, data loss prevention (DLP), data security posture management (DSPM), while partnering closely with privacy, risk, business, and technology teams.
Role
In this role, you will:
Support and evolve enterprise data classification and protection standards, ensuring sensitive data is consistently identified, labeled, and handled appropriately
Design, implement, and maintain DLP controls to detect, prevent, and respond to unauthorized data sharing or exposure across email, endpoints, collaboration tools, cloud services, and network channels
Contribute to Data Security Posture Management (DSPM) efforts by helping discover where sensitive data resides, who has access to it, and whether it is properly protected
Partner on data security governance activities, including policy alignment, exception handling, metrics, and continuous improvement initiatives
Support audit and regulatory responses (e.g., evidence gathering, control mapping, and issue remediation) in collaboration with Risk, Privacy, and Corporate Security stakeholders
Help define and track KPIs and KRIs to provide visibility into data security effectiveness, coverage, and risk trends
Act as a strong cross functional partner, balancing security, compliance, and business enablement while supporting Mastercard’s Zero Trust data strategy
Qualifications
The ideal candidate for this position should have:
Successful track record in identifying ways to modify the security program (data loss prevention) to keep up with the ever-changing technology & security landscape.
Experience leading initiatives focused on enterprise data classification, DLP, and/or DSPM
Familiarity with enterprise data security concepts, cloud and SaaS environments, and modern collaboration platforms
Comfort working across audit, risk, privacy, and technology teams
Strong written and verbal communication skills, with the ability to explain security concepts clearly to diverse audiences
A mindset focused on outcomes, continuous improvement, and enabling the business securely
Ability to design, govern and communicate controls, not just operate tools (with understanding of industry security standards: NIST Cybersecurity Framework, NIST SP 800 53 / 800 171, ISO/IEC 27001 & 27002, Zero Trust, and more)
Corporate Security Responsibility
Abide by Mastercard’s security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach;
Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.
#J-18808-Ljbffr