Lead Information Security Engineer
Overview
The Data Security team is focused on protecting Mastercard’s most critical asset—data—by establishing strong foundations in information classification and loss prevention and continuously improving our data security posture across enterprise, cloud, and hybrid environments. This role will play a key part in advancing data security capabilities, including data classification, data loss prevention (DLP), data security posture management (DSPM), while partnering closely with privacy, risk, business, and technology teams.
Role
Support and evolve enterprise data classification and protection standards, ensuring sensitive data is consistently identified, labeled, and handled appropriately.
Design, implement, and maintain DLP controls to detect, prevent, and respond to unauthorized data sharing or exposure across email, endpoints, collaboration tools, cloud services, and network channels.
Contribute to Data Security Posture Management (DSPM) efforts by helping discover where sensitive data resides, who has access to it, and whether it is properly protected.
Partner on data security governance activities, including policy alignment, exception handling, metrics, and continuous improvement initiatives.
Support audit and regulatory responses (e.g., evidence gathering, control mapping, and issue remediation) in collaboration with Risk, Privacy, and Corporate Security stakeholders.
Help define and track KPIs and KRIs to provide visibility into data security effectiveness, coverage, and risk trends.
Act as a strong cross‑functional partner, balancing security, compliance, and business enablement while supporting Mastercard’s Zero Trust data strategy.
All About You
Successful track record in identifying ways to modify the security program (data loss prevention) to keep up with the ever‑changing technology & security landscape.
Experience leading initiatives focused on enterprise data classification, DLP, and/or DSPM.
Familiarity with enterprise data security concepts, cloud and SaaS environments, and modern collaboration platforms.
Comfort working across audit, risk, privacy, and technology teams.
Strong written and verbal communication skills, with the ability to explain security concepts clearly to diverse audiences.
A mindset focused on outcomes, continuous improvement, and enabling the business securely.
Ability to design, govern and communicate controls, not just operate tools (with understanding of industry security standards: NIST Cybersecurity Framework, NIST SP 800‑53 / 800‑171, ISO/IEC 27001 & 27002, Zero Trust, and more).
Corporate Security Responsibility
Abide by Mastercard’s security policies and practices.
Ensure the confidentiality and integrity of the information being accessed.
Report any suspected information security violation or breach.
Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.
#J-18808-Ljbffr