O'Fallon, Missouri, USA
16 days ago
Lead Technology Risk Analyst

Our Purpose

We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.

Title and Summary

Lead Technology Risk Analyst

The mission of the PCI program at Mastercard is to protect our security posture. The PCI team ensures that all of our applications and platforms that handle payment data are PCI compliant and certified to PCI- DSS (Data Security Standards) as well as other PCI standards where applicable.
We are looking for someone to join our team to help us meet these compliance goals. This person will be a technically savvy person who likes to solve issues and drive outcomes.

Responsibilities include:
Lead PCI certifications for emerging and specialty PCI assessments including localization and on soil initiatives
Develop strategies and playbooks
Play key role in developing and finding efficiencies in PCI program processes
Identify how PCI processes, evidence, or issue remediation can be leveraged across other TRM or enterprise assessments and initiatives.
Partner with manager and the QSA (Qualified Security Assessors) to scope application for PCI relevance
Research, learn and apply knowledge about new technologies and environments that impact PCI
Work with app teams on remediation strategies and compensating controls
Participate in building the program to meet new PCI 4.0 requirements
Represent PCI in long term technical projects that were identified through the PCI process to ensure compliance with standards
Develop or participate in efforts to communicate security risks and gaps to executive management

Knowledge of:
PCI standards and requirements
Latest information security protocols and standards
Mastercard environments—physical and cloud
Security controls, especially those that impact PCI (encryption, access, testing etc.)
Security prevention and detection systems and other security event management systems
Data structures and classifications

Ability to:
Review security architecture of applications and determine PCI relevance
Employ strong research skills and problem solving skills
Apply PCI standards to new and existing technologies
Identify and evaluate security gaps
Communicate business risk to stakeholders
Understand security findings (scanning/Pen test) and assess remediation strategy
Evaluate compensating controls
Conduct or facilitate meaningful meetings
Work in slightly chaotic, rapidly growing environment

Mastercard is an inclusive equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.

Corporate Security Responsibility


All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

Abide by Mastercard’s security policies and practices;

Ensure the confidentiality and integrity of the information being accessed;

Report any suspected information security violation or breach, and

Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

In line with Mastercard’s total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary based on location, experience and other qualifications for the role and may be eligible for an annual bonus or commissions depending on the role. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance), flexible spending account and health savings account, paid leaves (including 16 weeks new parent leave, up to 20 paid days bereavement leave), 10 annual paid sick days, 10 or more annual paid vacation days based on level, 5 personal days, 10 annual paid U.S. observed holidays, 401k with a best-in-class company match, deferred compensation for eligible roles, fitness reimbursement or on-site fitness facilities, eligibility for tuition reimbursement, gender-inclusive benefits and many more.

Pay Ranges

O'Fallon, Missouri: $102,000 - $158,000 USD

Confirm your E-mail: Send Email