Product Information Security GRC Specialist

Mastercard

תל אביב
משרה קבועה
משרה מלאה

לפני חודשיים

Our PurposeWe work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team – one that makes better decisions, drives innovation and delivers better business results.Title and SummaryProduct Information Security GRC SpecialistThe Product Information Security GRC Specialist role offers the chance to work with the best and brightest cybersecurity minds in our Data & Services organization to build a cyber risk management product.Our flagship product equips business leaders to decipher the cyber risks their businesses face in business and financial terms. The platform comprehensively assesses an organization’s cyber posture through various internal and external indicators. Through our platform, this helps the organization’s leaders understand their cyber risk profile and prioritize their cyber investments, considering their ability to handle the most pressing threats their organization faces.As a Product Information Security GRC Specialist, you will join the cyber research team, where you will be responsible for identifying, analyzing, and integrating information security standards and regulations, security technologies, and cyber intelligence into the product and maintaining the product’s risk quantification methodology.We seek a professional who can learn quickly, take the lead, and be accountable. The candidate should be passionate about research and cybersecurity, be a team player with a creative mindset, and have a can-do attitude to solving problems.Responsibilities:

Identify, analyze, and integrate information security standards and regulations into the product
Identify, analyze, and integrate cybersecurity technologies into the product and define how the indicators for these technologies can be gathered automatically and scored
Maintain and update the product’s risk quantification methodology (e.g., attack methods. threat actors, controls, etc.)
Identify and design product features
Collaborate with R&D team to build and integrate these capabilities
Act as the subject matter expert and provide support to clients with the product's capabilities and methodology

Qualifications:

Five plus years of solid experience conducting risk and security assessments, including cloud security assessments
A knowledge of security frameworks such as NIST, ISO 2700X, PCI-DSS, FFIEC, Cloud Security Alliance, and other frameworks. Experience in conducting assessments based on standards - advantage
A deep knowledge of cyber security technologies. Hands-on experience - advantage
A deep Knowledge of cyber threat frameworks such as CAPEC, Cyber Kill Chain, and MITRE ATT&CK
Experience in gathering and analyzing cyber threat intelligence - advantage
Experience in conducting IoT and OT risk assessments - advantage
Must have strong analytical and critical-thinking skills
High attention to detail and a self-starter and learner who can work independently, multi-task, and adjust to shifting priorities
Ability to work as part of a global team with global management
Experience adhering to rigorous and detailed instructions while also thinking creatively and solving problems
Great communication skills
Good teamwork and time management skills
Strong oral and written communication skills
Fluent in English

Corporate Security ResponsibilityAll activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:Abide by Mastercard’s security policies and practices;Ensure the confidentiality and integrity of the information being accessed;Report any suspected information security violation or breach, andComplete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

Mastercard

הגש מועמדות