Privacy Engineer

Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Privacy Engineer

Overview
Mastercard is committed to balancing innovation while protecting individual privacy and has embraced privacy and data protection as core to the successful execution of our business strategy. As part of that commitment, Mastercard has established a world-class privacy program and is adding talent to our global team.

The Privacy Engineer will support a division of Mastercard’s Security Solutions. The role will drive the organizational excellence on privacy preserving technological safeguards and support the organization’s compliance with global data laws, including the EU General Data Protection Regulation (“GDPR”) and data privacy laws and regulations globally.

The Privacy Engineer ensures that thorough privacy engineering review is carried out in the context of personal data processing and is responsible for identifying and implementing privacy requirements to enhance Mastercard privacy and security controls in partnership with Mastercard’s technology and business teams.
• The position requires a strong understanding of the complex data and privacy landscape, strong understanding of technology, and an ability to develop creative solutions to ensure compliance with privacy and data protection laws globally.
• The position will report to the VP, Privacy Engineering.
• The ideal candidate will have the ability to think and act strategically with respect to the needs of business clients and their objectives.

Role
• Conduct the technical review of Mastercard processes and products when personal data processing is involved, including advising on privacy implications of various encryption techniques, access controls and use of cloud infrastructure.
• Analyze technical designs and implementations, and work with stakeholders to develop technical solutions to remediate and mitigate privacy risks in designs, procedures and processes.
• Engage with technical and business teams on privacy engineering review to ensure that privacy requirements pertaining to data processing are carried out throughout Mastercard’s technology and product life cycle.
• Partner with the privacy attorneys, technology and business teams to establish appropriate legal and technical safeguards to foster privacy compliance across the company (including acquisitions).
• Develop and organize technical and engineering information to help demonstrate compliance with Mastercard’s Privacy by Design process and Binding Corporate Rules, anticipating questions from various stakeholders internally and externally.
• Translate Privacy Risks following from Privacy Impact Assessments into technical and administrative PbD controls with a user-first approach, driving execution across cross-functional teams.
• Identify opportunities to implement privacy guardrails and controls within business workflows and tech solutions, and to work with stakeholders to implement these guardrails and controls
• Create concise requirements to automate privacy controls and compliance obligations.
• Own the execution of regular privacy compliance assessments, identifying and mitigating risks with effective tools, training, and guidance.
• Lead updates on the program progress and issues with executive stakeholders.

All About You
• Strong command of technology, software, analytics, and/or engineering, including software development, e.g. technical use, administration, development, design, and architecture of IT technology, data management, and data integration processes.
• Degree in computer science, software engineering, mathematics, or related field preferred.
• Demonstrated interest in privacy and/or corporate security (completion of IAPP courses, CIPM/CIPT/CISSP certifications)
• Familiarity with the GDPR and privacy principles that are common across global laws and regulations.
• Familiarity with Privacy by Design methodologies.
• Strong writing skills and ability to simplify technical material for other audiences, including business teams, legal departments, regulators, etc.
• Strong collaboration, interpersonal and organizational skills
• Strong problem solving and analytical skills
• Ability to develop a deep understanding of Mastercard products and services and financial services in general
• Experience with cybersecurity, Dark-Web monitoring, threat intelligence solutions
• Experience with CI/CD practices, agile development of privacy and security protocols, standards and best practices, web application deployment and provisioning tools.
• Experience with data ETL, filtering, quarantine, data quality, validation and governance processes

Pay Range
Boston, Massachusetts: $170,000 - $273,000

Mastercard is an inclusive equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard’s security policies and practices;

• Ensure the confidentiality and integrity of the information being accessed;

• Report any suspected information security violation or breach, and

• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

In line with Mastercard’s total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary based on location, experience and other qualifications for the role and may be eligible for an annual bonus or commissions depending on the role. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance), flexible spending account and health savings account, paid leaves (including 16 weeks new parent leave, up to 20 paid days bereavement leave), 10 annual paid sick days, 10 or more annual paid vacation days based on level, 5 personal days, 10 annual paid U.S. observed holidays, 401k with a best-in-class company match, deferred compensation for eligible roles, fitness reimbursement or on-site fitness facilities, eligibility for tuition reimbursement, gender-inclusive benefits and many more.