Our Purpose
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Title and Summary
Security Engineer (Threat Detection & Response)
Overview
The Security Threat & Response Management (STRM) program within Mastercard’s Corporate Security organization seeks a Security Engineer II for the Defend Product team to help execute our prevention-focused security control strategy. The ideal candidate will demonstrate initiative, strong analytical abilities, technical expertise in cybersecurity, and a proactive approach to problem-solving. This position is instrumental in defining and advancing the roadmap and strategy for the program’s core security tools and defenses. We are seeking a technically skilled professional who actively tracks emerging security trends and threats, applies advanced knowledge of security technologies, and facilitates innovation to enhance resilience throughout our environments. Effective interaction with internal STRM teams and other groups inside and outside of Corporate Security is an essential aspect of this role. Strong documentation and communication skills with the ability to manage complex discussions are also required.
Responsibilities
• Implement the strategic technical roadmap for the ‘Defend’ product team as defined by the Defend Product Owner, which covers defensive security controls, platforms, capabilities and configurations across dozens of security tools and including EDR, DLP, Email Security, SIEM, SOAR, XDR, NGFW, UEBA, NDR, and more.
• Contribute to and execute on the Defend roadmap by translating security strategy and requirements into well-defined technical initiatives and deliverables.
• Act as a technical lead for the Defend feature team, helping prioritize work, sharing expertise with other engineers, and ensuring consistent engineering standards and outcomes.
• Collaborate with stakeholders across engineering, endpoint, identity, cloud, and SecOps teams to implement and optimize security controls.
• Translate security requirements, risk policies, and threat models into actionable engineering work items and backlog-ready initiatives.
• Lead and participate in security capability assessments, providing recommendations to product and program leadership.
• Configure, integrate, and optimize security tooling (e.g., EDR/XDR, NGFW, IDS, DLP, Application Control) in alignment with defined objectives and initiatives.
• Monitor control effectiveness and participate in continuous tuning of policies and detections to reduce friction while increasing coverage and fidelity.
• Ensure implementations align with internal security standards, regulatory requirements, and industry best practices.
All About You
The ideal candidate for this position should:
• Bachelor’s degree in computer science, Cybersecurity, Information Technology, Engineering, or a related field.
• 2–3 years of hands-on experience in cybersecurity, security operations, incident response, detection engineering, threat hunting, or related security disciplines.
• Be a hands-on Security Engineer with experience across multiple security domains and SecOps functions such as Security Operations, Security Engineering, Incident Response, Detection Engineering, Threat Hunting, and Insider Threat in a large, complex enterprise environment.
• Have experience working within Agile or hybrid delivery models, contributing to backlog refinement, sprint execution, and cross-team coordination.
• Be skilled at translating complex security requirements into clear, implementable technical designs and work items.
• Be comfortable working directly with security tooling, including configuring access controls, tuning detections, integrating telemetry, and supporting detection lifecycles.
• Demonstrate strong technical communication skills, with the ability to explain designs, trade-offs, and outcomes to both technical and non-technical stakeholders.
Additional capabilities that will set you apart:
• Experience implementing proactive security controls, working with modern security platforms, and tooling.
• Hands-on experience integrating and operationalizing advanced threat intelligence within security tools, controls, and platforms.
• Hands on experience with leveraging Agentic AI to modernize security operations.
• Strong understanding of modern SecOps concepts such as attack surface reduction, response automation, posture management, zero trust, and cloud-native security.
• Familiarity with common regulatory and security frameworks (e.g., NIST, ISO, MITRE ATT&CK, D3FEND, PCI).
• Proven ability to collaborate effectively with SOC, IR, Engineering, and platform teams to deliver shared outcomes.
• A mindset of continuous improvement, with a passion for optimizing security tooling and processes through engineering excellence.
• Hands on experience with configuration and optimization of the Microsoft Security ecosystem of tools including XDR, Sentinel, Security Copilot, and Defender for Endpoint.
• Security platform administration with experience in building, configuring, tuning, and optimizing security policies and controls.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
- Abide by Mastercard’s security policies and practices;
- Ensure the confidentiality and integrity of the information being accessed;
- Report any suspected information security violation or breach, and
- Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.