Information Security Operations Analyst II

Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Information Security Operations Analyst II

Overview

• Identity Access Management teams are responsible for end to end providing services to support internal employees and external customers capabilities to retrieve physical and logical access to Mastercard systems and applications.
• The Identity Access Governance team within Corporate Security is laser focused on resolving access issues and ensuring SOC1 access controls, while creating and fostering a robust security controls environment
• The purpose of this job is to provide appropriate support on all access issues and ensure the SOC1 access controls are properly executed.
• This would include understanding governance tools, understanding of end to end provisioning of access across enterprise platforms, and innovating techniques to use and communicate data in new and more effective ways to influencing how access should be granted to users.
• Are you a self-starter with good communication skills that can interact with individuals at all levels of the company?
• Given an example how you have gone the extra mile for a (internal or external) customer?
• Give an example of when you have thought outside of the box to solve a problem?
• What experience do you bring to the table that will drive this team to the next level?
• What is your experience in managing risk and understanding security controls?

Role

• Liaise between end user and app support team to resolve access issues.
• Execute the processes setup to ensure compliance to SOC1 access controls such as Transfers, Termination, Periodic Reviews etc.
• Identify gaps within identity access management processes and systems globally, provide recommendations, and track to completion, as directed

• Identify automation opportunities to deliver smarter and easier identity access management services to support “access as an enabler” strategy
• Complies with documented processes and provide feedback for improvements
• Support all annual certification & governance reviews (such as transfers)
• Leads voice of the customer efforts to understand the business needs from regional business leaders for continuous improvement
• Partners with Business Operations team on technology enhancements to access governance
• Partners with other peers in the Identity Access Management organization to ensure governance processes are in place, enabling access to the business with least privileges
• Researches new methodologies to improve security within the identity access management space

All About You

• Intermediate skills in Information Security
• Intermediate strategic thoughtful risk taking experience
• Intermediate analytical skills working with large amounts of data and identifying outliers
• Intermediate skills of identity access management pillars such as, but not limited to roles, entitlements, access certifications, and segregation of duties rules
• Beginner to Intermediate experience in regulatory compliance (PCI, SOC1, SOX)
• Basic technical background (Windows, UNIX, databases) and basic network fundamentals
• Intermediate skills in provisioning to platforms (Windows, UNIX, Mainframe, databases)
• Excellent organization, problem solving, and communication skills

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard’s security policies and practices;

• Ensure the confidentiality and integrity of the information being accessed;

• Report any suspected information security violation or breach, and

• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.