Description
Our Purpose
We work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.
Title and Summary
Senior Software Engineer Overview• The Cryptographic Security Team is a dedicated collection of self-organizing, high-performing, interdependent individuals representing different functional roles with all the necessary skills to create the foundational capabilities that application teams develop on top of it
• This role is a senior software engineer on a team responsible for designing, developing, and delivering major cross-department initiatives with broad scope and long-term business implications.
• Candidates must be able to obtain a deep technical understanding of the applications/systems they are working on and must be willing to dig in and ask challenging questions to ensure that plans are executed efficiently.
• Candidates should have a strong interest in Corporate Security Engineering.
• Candidates must demonstrate strong software engineering and out-of-the-box problem-solving skills.
Role
• Provide technical design and architecture advice to internal teams on securely developing and building applications and supporting systems pertaining to HSM.
• Create and execute automated processes for configuring, deploying, and upgrading HSM devices.
• Define secure mechanisms for critical business functions on-premises and in-cloud environments.
• Assist in the strategy, standards, and architecture for the SDLC's cryptography, PKI, and key management aspects, including application, mobile, web service, DevOps, cloud, and CI/CD efforts.
• Execute and own the baseline architecture implementations and design activities, collaborating with other engineers and engineering teams.
• Regularly communicate with management about risk analysis and design trade-offs.
• Work on Pre SDLC or Discovery activities, owning and contributing to assigned activities related to technical feasibility & assessment and providing responses.
• Identify performance bottlenecks and come up with novel ways to solve them.
• Work to define feature requirements and deliver the product that materially impacts the business and improves the consumer experience.
All about you
• Demonstrate a profound mastery of software engineering concepts and practices across all phases of the software development lifecycle, showcasing an exceptional breadth of knowledge and insight.
• Knowledge of cryptography, including several of the following: encryption, hashing, key management, digital certificates, TLS, PKCS#11, and confidential computing
• Possessing over a year of extensive hands-on experience with any HSM such as Luna, Entrust, Utimaco, and Payshield.
• Demonstrate technical competency in security engineering based on hands-on experience or relevant qualifications
• Working knowledge and technical security experience with UNIX, Linux, FreeBSD, AIX, or Windows.
• Hand-on experience in Shell Scripting (Unix/Windows)
• Proficient in any of the following programming languages: Java, Python, or Rust.
• Fundamental understanding of private or public cloud ecosystems and CI/CD practices.
• Desire to stay abreast of new development technologies and tools.
• Excellent interpersonal skills and ability to work in a collaborative environment.
• Strong communication skills, with an ability to express design ideas to a development team.
• BS in Computer Science or related technical field or equivalent practical experience.
Nice to have
• Working experience in a continuous integration development environment, preferably Jenkins.
• Proficiency in C, along with experience in multithreading and memory management
• Experience in secure software development.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
Abide by Mastercard's security policies and practices;
Ensure the confidentiality and integrity of the information being accessed;
Report any suspected information security violation or breach, and
Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.
Apply on company website