**Our Purpose** _Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential._ **Title and Summary** Senior Analyst, Technology Risk Overview: The mission of the Payment Card Industry (PCI) program at Mastercard is to protect our security posture. The PCI team ensures that all of our applications and platforms that handle payment data or support payment data products are PCI compliant and certified to PCI- DSS (Data Security Standards) as well as other PCI standards where applicable. We are looking for someone to join our team to help us meet these compliance goals. This person will be a technically savvy person who likes to solve issues and drive outcomes. Role: Provide support to assessment teams during PCI certifications; act as the liaison between the assessment team and the QSA (Qualified Security Assessor); manage multiple certifications simultaneously Work with assessment teams to develop remediation strategies and compensating controls Partner with manager and the QSA (Qualified Security Assessors) to scope application for PCI relevance Research and learn and apply knowledge about new technologies and environments that impact PCI Participate in building the PCI program to meet new requirements and address rapid growth Represent PCI in long term technical projects that were identified through the PCI process to ensure compliance with standards Communicate security risks and gaps as related to PCI to stakeholders and executive management Manage PCI inquiries from both internal and external stakeholders Develop reports, metrics and presentations for meetings, as needed About You: Knowledge of PCI DSS standards and requirements Familiarity with information security protocols and standards Understanding of Mastercard environments—physical and cloud Experience with security controls, especially those that impact PCI (e.g. encryption, user access, logging etc.) Strong ability to employ research skills and problem-solving skills Ability to communicate business risk to stakeholders Understand security findings (e.g. scanning/Pen test) and remediation strategies Conduct or facilitate meaningful meetings with internal stakeholders and Security Assessors (QSAs) Embraces challenges in slightly chaotic, rapidly growing environment **Corporate Security Responsibility** All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: + Abide by Mastercard’s security policies and practices; + Ensure the confidentiality and integrity of the information being accessed; + Report any suspected information security violation or breach, and + Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.