Our Purpose
We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a
culture of inclusion
for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.
Job Title
Application Penetration Tester
Overview
Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential.
Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all.
- The Vulnerability Management team is a dedicated collection of self-organizing, interdependent, co-located individuals representing different functional roles with all the necessary skills to conduct security testing of Mastercard applications and networks.
- Team members are network and application security and penetration testing professionals with various levels of expertise and experience in security testing of web application, mobile applications, APIs, Cloud hosted application, Containers and on-prem data centers.
- The Senior Vulnerability Analyst is an thorough professional in application security testing who can take on individual assignments as well as lead a small team of testers on bigger projects.
Role
- Ensuring that all applications security tests are conducted within the framework set at Mastercard.
- Ensure that all test cases and tools are used appropriately for testing of various application types.
- Ensuring that all help and guidance is provided to analysts and junior analysts on their test assignments.
- Provides technical leadership to the team and works with the Director of Application Security testing in improving efficiencies within the team.
- Identify improvement areas in the security testing domain and implement learnings for the Globally located team.
- Coordinate with application development teams on their demands for security testing and provide a seamless experience with testing and reporting of penetration tests.
- Ready to work with a global team spread across time-zones and geographies.
All About You
- A record of successful delivery of application security testing projects as an individual and team leader.
- Problem solver and solution-seeking approach
- Excellent communication skills with the ability to communicate with all levels of management
- Ability to build rapport and relationships
- Understands the full scope of S-SDLC
- Preferably a certified OSCP or equivalent
- Experience in SAST, OSCA Or Bug Bounty programs will be an added benefit.
COVID-19 Considerations
We value the safety of each member of our community because we know we’re all in this together. In many locations, which may change over time, we’ve implemented a virtual hiring process and continue to interview candidates by video or phone. In addition, in some locations, only individuals who have been fully vaccinated will be permitted inside Mastercard offices until further notice.
In the US, Mastercard is a government contractor, which may legally require most Mastercard employees to be vaccinated unless a verified approved medical or religious exemption is granted. Further, we are currently making every effort towards having employees return to work in the office 2 days per week, if that makes sense for their team. Everyone must be vaccinated to enter Mastercard offices at this time. Therefore, we expect all candidates to be vaccinated or to be approved for a medical or religious accommodation prior to commencing work at Mastercard.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
- Abide by Mastercard’s security policies and practices;
- Ensure the confidentiality and integrity of the information being accessed;
- Report any suspected information security violation or breach, and
- Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.