Mastercard is looking to solve the business and technical problem of guiding the design, development, and delivery of significant cross-departmental initiatives that have a wide scope and long-term business impact within the Cryptographic Security Team.
Requirements
- Knowledge of cryptography, including several of the following: encryption, hashing, key management, digital certificates, TLS, PKCS11, and confidential computing
- Possessing over a year of extensive hands-on experience with any of the HSM such as Luna, Entrust, Utimaco, and Payshield.
- Demonstrate technical competency in security engineering based on hands-on experience or relevant qualifications
- Working knowledge and technical security experience with UNIX, Linux, FreeBSD, AIX, or Windows.
- Hand-on experience in Shell Scripting (Unix/Windows)
- Proficient in any of the following programming languages: Java, Python or Rust.
- Fundamental understanding of private or public cloud ecosystems and CI/CD practices.
Responsibilities
- Provide technical design and architecture advice to internal teams on securely developing and building applications and supporting systems pertaining to HSM.
- Create and execute automated processes for configuring, deploying, and upgrading HSM devices.
- Define secure mechanisms for critical business functions for both on-premises and in-cloud environments
- Work closely with Hardware Security Module vendors to follow up on product lifecycle, roadmap, new functionalities, and issues.
- Assist in the strategy, standards, and architecture for the cryptography, PKI, and key management aspects of the SDLC, including application, mobile, web service, DevOps, cloud, and CI/CD efforts
- Execute and own the baseline architecture implementations and design activities, collaborating with other engineers and engineering teams.
- Work on Pre SDLC or Discovery activities, owning and contributing to assigned activities related to technical feasibility & assessment and providing responses.
Other
- Candidates must be able to obtain a deep technical understanding of the applications/systems that they are working on and must be willing to dig in and ask challenging questions to make sure that plans are executed efficiently.
- Candidates should have a strong interest in Corporate Security Engineering.
- Candidates must demonstrate strong engineering and technical leadership and the ability to engage in out-of-the-box problem-solving.
- Demonstrate the ability to articulate and communicate effectively to diverse audiences, properly translate security and risk management terminology into business terms, and recommend alternative solutions to these stakeholders.
- Excellent interpersonal skills and ability to work in a collaborative environment.
