Principal Information Security Engineer

• Apply deep technical expertise to mentor and develop junior engineers and security practitioners
• Provide input into performance evaluations for team members and emerging talent
• Serve as a trusted advisor to engineering and business leaders across RTPI programs
• Influence and implement security requirements, standards, and architectural patterns for large scale, real time payment platforms
• Define platform level security architecture and drive execution of long term security strategy for RTPI
• Lead threat modelling, risk assessments, and security design reviews for high velocity, high availability systems
• Support the design, testing, and implementation of complex security solutions aligned with regulatory, operational, and customer requirements
• Identify risks and propose compensating controls tailored to real time transaction flows and cross border payment environments
• Partner with engineering teams to embed security into CI/CD pipelines, APIs, cloud services, and real time transaction processing components
• Build and maintain strong relationships with business owners, product teams, engineers, project managers, customers, and senior leadership
• Translate security concepts into actionable guidance for diverse technical and non technical audiences
• Represent Corporate Security in global RTP initiatives, regulatory discussions, and cross functional working groups
• Abide by Mastercard’s security policies and practices
• Ensure the confidentiality and integrity of information accessed
• Report any suspected security violations or breaches
• Complete all mandatory security training as required

• Undergraduate degree preferably in computer science/information security or significant work experience in information security disciplines
• CISSP/CISM or industry recognised security certification desired
• Extensive IT experience demonstrating thought leadership and cross functional influence
• Proven success enabling business outcomes through strong technical decision making
• Experience leading project teams and collaborating with business partners, vendors, and consulting organisations
• Excellent communication skills, with the ability to influence, negotiate, and drive alignment across global teams
• Strong background in information security engineering, including risk identification and compensating control design
• Experience adapting security programs such as Zero Trust to evolving technologies and threat landscapes
• Hands on experience improving security domain areas (e.g., authentication, access control, secure architecture) using metrics and customer feedback
• Experience supporting or securing Critical National Infrastructure (CNI), particularly within financial services or payment systems, is highly beneficial
• Demonstrated experience working with risk based security and compliance frameworks, including SOC 2, ISAE 3000, PCI DSS, DORA, and the Cyber Risk Institute (CRI) profiles, as well as other relevant regulatory or industry standards
• Ability to interpret, apply, and operationalise framework requirements within complex, high availability technology environments such as real time payment systems
• Experience collaborating with audit, compliance, and regulatory teams to ensure alignment between security controls, business processes, and external obligations
• Proven capability to assess control effectiveness, identify gaps, and drive remediation strategies that balance security, operational efficiency, and business needs
• Strong understanding of how global regulatory expectations and CRI-aligned frameworks influence security architecture, risk management, and platform design

Experience supporting or securing Critical National Infrastructure (CNI), particularly within financial services or payment systems, is highly beneficial