Our Purpose

Mastercard powers economies and empowers people in 200 countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Senior Security Monitoring and Response Analyst:

Who is Mastercard?

Mastercard is a global technology company in the payments industry. Our mission is to connect
and power an inclusive, digital economy that benefits everyone, everywhere by making
transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships
and passion, our innovations and solutions help individuals, financial institutions, governments,
and businesses realize their greatest potential.

Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our
company. With connections across more than 210 countries and territories, we are building a
sustainable world that unlocks priceless possibilities for all.

Mission First, People Always

As Corporate Security, we are responsible for keeping Mastercard safe and secure from cyber
and physical threats, and it is our people on the frontlines who make this happen every day.
By taking care of our people, their wellbeing, and career development, we provide them the
necessary tools and environment to ensure the success of our mission.

Overview:

The Security Operation Centre Incident Response (SOCIR) Team is looking for a Senior Security Monitoring and Response Analyst (Incident Responder) to Strengthen our capability in detecting , triaging, and responding to cybersecurity threats across the organization.

The Ideal candidate is analytical , detail-oriented, calm under pressure, and passionate about threat detection and response. They demonstrate strong problem-solving abilities, communicate clearly, and thrive in a fast paced operational environment.

• In this role, you will

• Monitor SOC queue and review SOC alerts from SIEM, EDR and other security technologies to rapidly identify potential threat .

• Perform advanced triage of security incidents , including log analysis , threat validation , DFIR , Malware analysis and Impact assessment .

• Execute incident response activities such as containment , eradication , recovery , and documentation

• Collaborate with cross-function teams to investigate root causes and strengthen defensive controls

• Maintenance & Creation of SOP relate Incident Response , Regulatory Reporting and Forensic or Malware Analysis technique and more .

• Support threat hunting efforts by proactively identifying anomalous behaviour and emerging threat patterns

• Provide continuous feedback & lead improving of alert fidelity, automation opportunities, SOC training and detection logic

• All about you

• Advanced level of experience in Security Operations, Incident Response, Threat Detection, DFIR,
  Malware Reverse Engineering.

• Strong expertise in log analysis, EDR platforms, SIEM technologies (e.g., Splunk, Sentinel)

• Demonstrated ability to lead complex incident investigations, including lateral movement analysis, malware triage, and cloud incident handling

• Deep understanding of network security, operating system internals (Windows, Linux), and common attack techniques (MITRE ATT&CK, kill chain)

• Familiarity with forensics (endpoint, memory, network) and evidence preservation methodologies.

• Hands‑on experience performing containment, eradication, and recovery across diverse environments (on‑prem, cloud, hybrid)

• Strong knowledge of threat intelligence, TTP mapping, and adversary behaviour interpretation.

• Ability to develop and maintain IR playbooks, standard operating procedures, and detection logic improvements.

• Excellent communication skills for collaborating with engineering, legal, IT, and leadership during high‑severity incidents.

• Ability to mentor junior analysts and lead incident bridges under pressure.

• Background in cloud security (Azure, AWS, GCP) including log sources, identity models, and incident patterns.

• Preferred certifications include GCFE, GCFA, OSCP, and GREM; however, candidates who can demonstrate equivalent expertise are equally considered .

• Mastercard Corporate Security Roles have been aligned with the NICE framework (National Initiative for Cybersecurity Education). For this role the NICE Work Roles most closely aligned are

• Cyber Defense Incident Responder

• Cyber Defense Analyst

• Cyber Defense Forensics Analyst

Corporate Responsibility
Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must:

• Abide by Mastercard’s security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard’s security policies and practices;

• Ensure the confidentiality and integrity of the information being accessed;

• Report any suspected information security violation or breach, and

• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.