Senior Regional Security Analyst at Mastercard

Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Senior Regional Security Analyst:

Senior Regional Security Analyst:

Job Description Summary:

Overview:

The Regional Security Americas team is seeking a Senior Regional Security Analyst to secure our people and business to thrive in a world beyond cash. The ideal candidate will play a key role in enhancing Mastercard's brand as a technology leader. The best fit candidate will support the Regional Chief Security Officer Americas in driving the security agenda for the region. The position is based in Toronto, Canada, and will function as the first point of contact for Corporate Security with responsibility to manage programs and services.
The Senior Regional Security Analyst Americas is responsible for supporting and executing the company’s cybersecurity, information security, and physical security programs across the Americas region. This role provides regional security governance, owns cyber risk outcomes, supports incident response, and ensures alignment between global security strategy and regional business operations, regulatory requirements, and threat conditions. The position operates at the management and governance level, coordinating with regional security leadership while serving as a primary security authority for regional executives, technology teams, and business stakeholders.
This role aligns primarily to the NICE Workforce Framework Oversight and Governance and Protection and Defense work roles, including Information Security Officer, Cybersecurity Manager, and Incident Response Lead.

• Cybersecurity Governance & Strategy

• Translate global cybersecurity strategy, policies, and standards into effective regional implementation plans.

• Establish and maintain regional security governance forums, reporting, and performance metrics.

• Ensure regional alignment with enterprise risk appetite, security objectives, and strategic initiatives.

• Function as the regional escalation point for all material cybersecurity risks and decisions.

• Risk Management & Compliance

• Own the regional cyber risk register and oversee risk identification, assessment, treatment, and acceptance.

• Lead regional security risk assessments for systems, products, vendors, and business initiatives.

• Ensure compliance with applicable regional regulations such as privacy, data protection, customer security requirements.

• Support internal and external audits, regulatory inquiries, and customer security reviews.

• Security Operations Oversight

• Oversee regional security monitoring, detection, and response effectiveness.

• Ensure appropriate coverage, response times, and integration with global security operations.

• Identify and remediate gaps in visibility, controls, and operational maturity.

• Partner with global teams to continuously improve regional security posture.

• Develop and maintain regular market and security intelligence updates to the business, including threat alerts on occurrence of risks to Mastercard assets applicable to the market.

• Engage and educate employees and senior leadership on security awareness programs, threat, and risk management.

• Provide timely and accurate executive‑level incident briefings and post‑incident reviews.

• Manage and/or support security incidents and emergency events to safeguard Mastercard data, assets, and employees by providing expert security advice as needed.

• Stakeholder & Business Engagement

• Serve as the primary cybersecurity advisor to regional executives and senior leaders.

• Influence business decisions by clearly communicating security risks, impacts, and tradeoffs.

• Build trusted relationships with IT, engineering, legal, compliance, and operational teams across the region.

• Represent regional security interests in global forums and strategy discussions.

• People, Vendor & Program Management

• Lead and develop regional security staff and contractors, where applicable.

• Define performance objectives, development plans, and succession strategies.

• Oversee regional security vendors, service providers, and third‑party engagements.

• Manage regional security budgets, forecasting, and resource planning.

• Support the design, vendor coordination, installation, and management of security systems including access control and CCTV systems, with the global Access Engineering team, for BAU and office move / renovation projects.

• Collaborate with stakeholders to secure Mastercard facilities.
  Required Knowledge, Skills & Competencies

• Cybersecurity Leadership

• Solid understanding of cybersecurity governance, policy, and enterprise risk management.

• Ability to align security outcomes with business objectives in a global environment.

• Risk & Incident Management

• Expertise in cyber risk assessment, prioritization, and executive decision support.

• Proven ability to lead complex, high‑impact cybersecurity incidents.

• Technical Literacy

• Broad knowledge of modern enterprise and cloud technologies sufficient to assess security risk.

• Ability to challenge technical assumptions and validate control effectiveness without hands‑on engineering responsibility.

• Communication & Influence

• Exceptional written and verbal communication skills.

• Proven experience briefing executives and influencing senior stakeholders.

• Ability to translate complex security issues into clear business impact.

• Regional & Global Operations

• Experience operating across multiple countries, cultures, and time zones.

• Understanding of regional regulatory and threat landscape differences.

• Support global or regional cybersecurity initiatives as needed.

Qualifications and Experiences:

• Required.
• Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or a security related field, or equivalent professional experience.
• At least 3-5 years of relevant experience of progressive cybersecurity and/or physical security experience with operations in the Americas region.
• Demonstrated experience in enterprise security governance, risk management, and incident response.
• Possess a valid driver’s license.
• Possess a valid passport and able to travel internationally.
• Fluent in English and at least a working knowledge of a secondary regional language such as Spanish or Portuguese.
• Experience in cybersecurity and data protection such as collaborating with Global and Regional Cybersecurity assurance functions – security architects, engineers, and operations staff – to optimize the cyber and information security program to minimize risk to the business.
• Can communicate effectively verbally or written.
• Good interpersonal and decision-making skills.
• Good attitude and willing to learn in a fast-moving technology payments industry.
• Desired.
• Experience in a large, multinational technology or cloud‑based organization.
• Prior responsibility for regional or global security programs.
• Analytical and proven history of delivering security services and risk management.
• Professional certifications such as Certified Information Systems Security Professional, Certified Information Security Manager, Certified Protection Professional are highly desirable.
• Experience in executive protection and event security support services.
• Success Measures
• Reduction in material regional cyber risk exposure.
• Effective and timely handling of security incidents.
• Compliance with regional regulatory and customer security expectations.
• Positive executive stakeholder feedback and audit outcomes

Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard’s security policies and practices;

• Ensure the confidentiality and integrity of the information being accessed;

• Report any suspected information security violation or breach, and

• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

In line with Mastercard’s total compensation philosophy and assuming that the job will be performed in Canada, the successful candidate will be offered a competitive pay based on location, experience and other qualifications for the role and may be eligible to participate in a discretionary annual incentive program. This posting reflects one or more current openings on our team.

Pay Ranges

Toronto, Canada: $83,000 - $132,000 CAD