Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Principal Red Team Operator

Overview
The Mastercard Red Team is looking for a Principal level Red Team member with multiple years of experience leading and participating in team-based offensive security campaigns. This role works collaboratively with team members performing continuous adversary simulation and security assurance against Mastercard’s infrastructure, data, processes, and physical spaces. The ideal candidate has several years of prior experience leading and executing offensive security operations and is passionate, self-driven in offensive and defensive security, highly motivated, intellectually curious, analytical, and possesses a “thinking out of the box” mindset. The individual in this role will be responsible for simulating real-word cyber and physical attacks in coordination with the Red Team to help mature security operations as well as help identify security best practices.

Role

•\tLead efforts to plan and execute sophisticated adversary simulation activities in cyber and physical security engagements as part of an elite red team
•\tSupport development of strategic initiatives pertaining to the red team
•\tDocument and present findings to various stakeholders across different leadership levels and departments
•\tLead red team maturity efforts with direction from leadership
•\tIdentify and document best practices and findings with recommended improvements
•\tPlan and support red team capability development – tools, techniques, and procedures
•\tExecute phishing and other social engineering campaigns
•\tSupport red team infrastructure management
•\tStay current with latest attack methodologies

All About You

•\tExtensive knowledge of cyber security principles, techniques, and tools
•\tMulti-year operational offensive security experience with cyber and physical red teaming
•\tExtensive knowledge and operational experience with common offensive security tools, C2 frameworks, TTPs, and exploitation techniques
•\tExperience presenting complex data to technical and non-technical audiences effectively narrates campaign scenarios, outcomes, remediation recommendation, and impact assessment
•\tAdvanced knowledge and experience in endpoint and monitoring controls evasion
•\tProven ability to write, understand, and modify scripts and code in various programming languages
•\tExperience operating in cloud environments
•\tDemonstrated ability to work independently and as part of a team
•\tExtensive understanding of operation systems, common software, network protocols and architecture
•\tStrong analytical and problem-solving tools

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

Abide by Mastercard’s security policies and practices;

Ensure the confidentiality and integrity of the information being accessed;

Report any suspected information security violation or breach, and

Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.