Mastercard Logo

Mastercard

Security Engineer (Threat Detection & Response)

Posted Yesterday
Be an Early Applicant
Remote or Hybrid
Hiring Remotely in Mexico City, Ciudad De México
Mid level
Remote or Hybrid
Hiring Remotely in Mexico City, Ciudad De México
Mid level
Implement and execute the Defend product roadmap by configuring, integrating, and optimizing security tooling (EDR/XDR, SIEM, SOAR, NGFW, DLP, etc.), translating security strategy into technical initiatives, tuning detections, assessing capabilities, and collaborating with stakeholders to improve control effectiveness and compliance.
The summary above was generated by AI
Our Purpose
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Title and Summary
Security Engineer (Threat Detection & Response)
Overview
The Security Threat & Response Management (STRM) program within Mastercard's Corporate Security organization seeks a Security Engineer II for the Defend Product team to help execute our prevention-focused security control strategy. The ideal candidate will demonstrate initiative, strong analytical abilities, technical expertise in cybersecurity, and a proactive approach to problem-solving. This position is instrumental in defining and advancing the roadmap and strategy for the program's core security tools and defenses. We are seeking a technically skilled professional who actively tracks emerging security trends and threats, applies advanced knowledge of security technologies, and facilitates innovation to enhance resilience throughout our environments. Effective interaction with internal STRM teams and other groups inside and outside of Corporate Security is an essential aspect of this role. Strong documentation and communication skills with the ability to manage complex discussions are also required.
Responsibilities• Implement the strategic technical roadmap for the 'Defend' product team as defined by the Defend Product Owner, which covers defensive security controls, platforms, capabilities and configurations across dozens of security tools and including EDR, DLP, Email Security, SIEM, SOAR, XDR, NGFW, UEBA, NDR, and more.• Contribute to and execute on the Defend roadmap by translating security strategy and requirements into well-defined technical initiatives and deliverables.• Act as a technical lead for the Defend feature team, helping prioritize work, sharing expertise with other engineers, and ensuring consistent engineering standards and outcomes.• Collaborate with stakeholders across engineering, endpoint, identity, cloud, and SecOps teams to implement and optimize security controls.• Translate security requirements, risk policies, and threat models into actionable engineering work items and backlog-ready initiatives.• Lead and participate in security capability assessments, providing recommendations to product and program leadership.• Configure, integrate, and optimize security tooling (e.g., EDR/XDR, NGFW, IDS, DLP, Application Control) in alignment with defined objectives and initiatives.• Monitor control effectiveness and participate in continuous tuning of policies and detections to reduce friction while increasing coverage and fidelity.• Ensure implementations align with internal security standards, regulatory requirements, and industry best practices.
All About You
The ideal candidate for this position should:• Bachelor's degree in computer science, Cybersecurity, Information Technology, Engineering, or a related field. • 2-3 years of hands-on experience in cybersecurity, security operations, incident response, detection engineering, threat hunting, or related security disciplines. • Be a hands-on Security Engineer with experience across multiple security domains and SecOps functions such as Security Operations, Security Engineering, Incident Response, Detection Engineering, Threat Hunting, and Insider Threat in a large, complex enterprise environment. • Have experience working within Agile or hybrid delivery models, contributing to backlog refinement, sprint execution, and cross-team coordination. • Be skilled at translating complex security requirements into clear, implementable technical designs and work items. • Be comfortable working directly with security tooling, including configuring access controls, tuning detections, integrating telemetry, and supporting detection lifecycles. • Demonstrate strong technical communication skills, with the ability to explain designs, trade-offs, and outcomes to both technical and non-technical stakeholders.
Additional capabilities that will set you apart:• Experience implementing proactive security controls, working with modern security platforms, and tooling.• Hands-on experience integrating and operationalizing advanced threat intelligence within security tools, controls, and platforms.• Hands on experience with leveraging Agentic AI to modernize security operations.• Strong understanding of modern SecOps concepts such as attack surface reduction, response automation, posture management, zero trust, and cloud-native security.• Familiarity with common regulatory and security frameworks (e.g., NIST, ISO, MITRE ATT&CK, D3FEND, PCI).• Proven ability to collaborate effectively with SOC, IR, Engineering, and platform teams to deliver shared outcomes.• A mindset of continuous improvement, with a passion for optimizing security tooling and processes through engineering excellence.• Hands on experience with configuration and optimization of the Microsoft Security ecosystem of tools including XDR, Sentinel, Security Copilot, and Defender for Endpoint.• Security platform administration with experience in building, configuring, tuning, and optimizing security policies and controls.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
  • Abide by Mastercard's security policies and practices;
  • Ensure the confidentiality and integrity of the information being accessed;
  • Report any suspected information security violation or breach, and
  • Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.

Mastercard New York, New York, USA Office

Mastercard’s NYC Tech Hub unites experts from diverse backgrounds and disciplines, from software development to finance, data architecture to cybersecurity and beyond, to build systems that never fail for a world that never stops.

Similar Jobs at Mastercard

Yesterday
Remote or Hybrid
Senior level
Senior level
Blockchain • Fintech • Payments • Consulting • Cryptocurrency • Cybersecurity • Quantum Computing
The Lead Data Scientist will lead data modeling projects, develop machine learning models, and drive data-driven decisions in an SME platform context, collaborating with cross-functional teams and mentoring junior colleagues.
Top Skills: AWSAzureGCPHadoopPower BIPythonSparkTableau
Yesterday
Remote or Hybrid
Senior level
Senior level
Blockchain • Fintech • Payments • Consulting • Cryptocurrency • Cybersecurity • Quantum Computing
Own production readiness and reliability for platform services: design for scalability, automate deployments and recovery, monitor availability and performance, run incident response and postmortems, consult on capacity and launch reviews, and mentor junior engineers while collaborating across global development and product teams.
Top Skills: AutomationCC++Ci/CdDevOpsDynatraceGoItsmJavaOraclePerlPythonRubyScriptingSplunkSQLUnix/Linux
Yesterday
Remote or Hybrid
Senior level
Senior level
Blockchain • Fintech • Payments • Consulting • Cryptocurrency • Cybersecurity • Quantum Computing
Lead SRE transformation by ensuring reliability, scalability, and production readiness. Drive automation, observability, incident management, SLO/KPI ownership, capacity planning, and cross-team standards. Manage and develop a global SRE team, reduce operational toil, and improve system performance and MTTR.
Top Skills: C/C++Ci/CdDevOpsDynatraceGoItsmJavaLinux/UnixObservabilityOraclePerlPythonRubySplunkSQL

What you need to know about the NYC Tech Scene

As the undisputed financial capital of the world, New York City is an epicenter of startup funding activity. The city has a thriving fintech scene and is a major player in verticals ranging from AI to biotech, cybersecurity and digital media. It also has universities like NYU, Columbia and Cornell Tech attracting students and researchers from across the globe, providing the ecosystem with a constant influx of world-class talent. And its East Coast location and three international airports make it a perfect spot for European companies establishing a foothold in the United States.

Key Facts About NYC Tech

  • Number of Tech Workers: 549,200; 6% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Capgemini, Bloomberg, IBM, Spotify
  • Key Industries: Artificial intelligence, Fintech
  • Funding Landscape: $25.5 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Greycroft, Thrive Capital, Union Square Ventures, FirstMark Capital, Tiger Global Management, Tribeca Venture Partners, Insight Partners, Two Sigma Ventures
  • Research Centers and Universities: Columbia University, New York University, Fordham University, CUNY, AI Now Institute, Flatiron Institute, C.N. Yang Institute for Theoretical Physics, NASA Space Radiation Laboratory

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account