Job Description

Our Purpose
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Title and Summary
Information Security Engineer II
To support our continued growth and success, we are actively recruiting for an Information Security Compliance Professional to assist in and support all aspects of our program. The ideal candidate will have solid experience in developing and/or maintaining information security policies and procedures, as well as familiarity with security frameworks and standards including CSA CCM, PCI-DSS, SOC2, ISO27001, etc. Excellent communication skills, both verbal and written, are essential. If you are looking for a challenge that will allow you to collaborate within dynamic teams and work in a fast-paced environment, this position is for you.
Responsibilities
Internal Compliance
? Maintaining and managing the controls list.
? Identifying control gaps and process improvement opportunities; evaluating compliance with operational, legal, regulatory and IT policies and procedures.
? Document risk and mitigation controls, including policy/procedure updates Tracking and monitoring management action plans to ensure sustainable resolution of control gaps
? Providing risk and control advice and education for the benefit of the organization, being a "champion" and advocate for strong risk management and governance controls and partnering with
other control functions to strengthen our three lines of defense model
?Understanding and critically analyzing complex IT processes, identifying and assessing potential risks and determining whether those risks are appropriately mitigated (using various techniques
such as problem solving, root cause and data analysis)
Security Due Diligence Questionnaires
?Managing the security/due-diligence questionnaires lifecycle and ensuring compliant,
accurate and timely completion of all responses
? Responding to clients due-diligence questionnaires and audits
? Identifying the needs, requirements and risks associated with questionnaires received
?Maintaining a library of content to help ensure responses are up-to-date; contributing to
developing and improving the process and the existing knowledge-base to streamline the
responses
?Responsible for managing regular scheduled internal reviews of key control areas
?Excellent communication skills, both written and verbal; strong presentation
Skills required
Must have a positive attitude, excellent critical thinking and problem-solving skills to support the business working with cross-functional teams on projects and initiatives. Liaise with internal and external stakeholders on an ongoing basis during the audit, relative to plans, objectives, evidence collection and results documenting, presenting and tracking findings and remediation actions.
?Preferably 3 - 5 years' experience with/in:

• IT security controls
• IT Audit, and/or
• Compliance management, and/or
• Project management/ coordination (document collections, coordination, tracking, customer partnership), and/or
• Information management

? Understanding of risk management and Information Security frameworks
?Certified Professional designation (CSA CCM, CISSP, CISA, CRISC) or willingness to work towards one or more of these certifications
?Experience with GDPR and/or PIPEDA and/or similar Data Privacy frameworks
?Experience with information management/ RFP platforms (e.g., Loopio, RFPIO, RFP360, etc.)
?Experience working with auditors and other stakeholders, managing audits, collecting evidence and tracking findings to a resolution
? Intellectually curious, self-motivated, passionate works well both independently and as part of a team
?Ability to influence change through effective communication and interpersonal skills
?Ability to work and partner with others in different levels of the organization
?Ability to multi-task, be organized and take initiative audit management.
? Managing the PCI, SOC-2 and other compliance programs end-to-end
? Evaluating internal stakeholders' response to audits and reporting to management on appropriateness
?Acting in a consultative capacity, providing advice and clarity to teams on compliance requirements and audits
Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
Abide by Mastercard's security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.
In line with Mastercard's total compensation philosophy and assuming that the job will be performed in Canada, the successful candidate will be offered a competitive pay based on location, experience and other qualifications for the role and may be eligible to participate in a discretionary annual incentive program.
Pay Ranges Vancouver, Canada: $91,000 - $140,000 CAD

Skills Required