Description
Our Purpose
We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.
Title and Summary
Principal Red Team Operator OverviewThe Mastercard Red Team is looking for a Principal level Red Team member with multiple years of experience leading and participating in team-based offensive security campaigns. This role works collaboratively with team members performing continuous adversary simulation and security assurance against Mastercard's infrastructure, data, processes, and physical spaces. The ideal candidate has several years of prior experience leading and executing offensive security operations and is passionate, self-driven in offensive and defensive security, highly motivated, intellectually curious, analytical, and possesses a “thinking out of the box” mindset. The individual in this role will be responsible for simulating real-word cyber and physical attacks in coordination with the Red Team to help mature security operations as well as help identify security best practices.
Role
• Lead efforts to plan and execute sophisticated adversary simulation activities in cyber and physical security engagements as part of an elite red team
• Support development of strategic initiatives pertaining to the red team
• Document and present findings to various stakeholders across different leadership levels and departments
• Lead red team maturity efforts with direction from leadership
• Identify and document best practices and findings with recommended improvements
• Plan and support red team capability development – tools, techniques, and procedures
• Execute phishing and other social engineering campaigns
• Support red team infrastructure management
• Stay current with latest attack methodologies
All About You
• Extensive knowledge of cyber security principles, techniques, and tools
• Multi-year operational offensive security experience with cyber and physical red teaming
• Extensive knowledge and operational experience with common offensive security tools, C2 frameworks, TTPs, and exploitation techniques
• Experience presenting complex data to technical and non-technical audiences effectively narrates campaign scenarios, outcomes, remediation recommendation, and impact assessment
• Advanced knowledge and experience in endpoint and monitoring controls evasion
• Proven ability to write, understand, and modify scripts and code in various programming languages
• Experience operating in cloud environments
• Demonstrated ability to work independently and as part of a team
• Extensive understanding of operation systems, common software, network protocols and architecture
• Strong analytical and problem-solving tools Mastercard is an inclusive equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
Abide by Mastercard's security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.
Pay Ranges
Apply on company website