Manager, SOC Incident Response

Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Manager, SOC Incident Response

Who is Mastercard?

Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential.
Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all.


Overview

The Security Operations Center Incident Response (SOCIR) team is a critical component of Mastercard’s security incident management function. The team is available 24/7 to respond to escalated incidents using playbooks, and digital forensics and incident response (DFIR) tools to proactively hunt and respond to potential threats. The SOCIR Manager in Pune, India is an integral member of team, leading incident responders within the region for all phases of our response process.

• Do you want to lead a team handling complex technical response functions during a security incident?
• Have you provided technical leadership or built a Security Operations Center or IR team?
• Do you want to protect the financial ecosystem alongside amazing colleagues around the world?
• Are you passionate about coaching and developing the next generation of cybersecurity leaders?


Role


• Lead incident responders in Pune, India who are responsible for investigating, resolving, and learning from security incidents.
• Develop, maintain, and ensure accurate and effective execution of incident response playbooks for a variety of cybersecurity incident scenarios in daily operations.
• Inspire, coach and develop the team to improve DFIR skillsets and operational effectiveness.
• Develop and review key performance and risk indicators for incident response activities.
• Identify and execute strategic initiatives to improve incident response capabilities.
• Communicate incident briefings, process and strategy updates, and security recommendations gleaned from the team’s lessons learned.
• Leverage cybersecurity knowledge and experience to lead threat hunting, malware analysis, cloud security, and detection development workstreams in cooperation with the global SOCIR and SOC teams.
• Represent the incident management function in the region to key stakeholders including internal groups, third parties, regulatory, and audit audiences as necessary.

All About You

• Five+ years of technical cybersecurity experience, with exposure to DFIR technologies and operations or equivalent education.
• An additional two+ years in a functional or people leadership role in a related discipline with demonstrated ability to lead a team of individual contributors.
• Value collaboration, inclusion, continuous learning, and acting with a sense of urgency.
• Strong written and verbal communication skills for technical and non-technical audiences.
• Strong understanding of common cyber-attack Tactics, Techniques, and Procedures (TTPs) and how to mitigate them.
• Experience or knowledge of networking, operating systems, cloud security, log analysis, common cybersecurity frameworks/standards, and SIEM technologies.
• Demonstrated ability to work and lead effectively in ambiguous and/or high-pressure situations.
• Cybersecurity or technology related degrees, industry recognized certifications (such as those issued by GIAC, ISC2, AWS, Azure, and others), or equivalent demonstrated knowledge desired.
• Specialized knowledge in one or more areas including forensics, detection engineering, security orchestration/automation, and threat intelligence also desired.

Corporate Security Responsibility

Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must:

• Abide by Mastercard’s security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard’s security policies and practices;

• Ensure the confidentiality and integrity of the information being accessed;

• Report any suspected information security violation or breach, and

• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.