Senior Software Engineer (mastercard)

Job Description

Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Senior Software Engineer

Overview

• The Cryptographic Security Team is a dedicated collection of self-organizing, high-performing, interdependent individuals representing different functional roles with all the necessary skills to create the foundational capabilities that application teams develop on top of it
• This role is a senior software engineer on a team responsible for designing, developing, and delivering major cross-department initiatives with broad scope and long-term business implications.
• Candidates must be able to obtain a deep technical understanding of the applications/systems they are working on and must be willing to dig in and ask challenging questions to ensure that plans are executed efficiently.
• Candidates should have a strong interest in Corporate Security Engineering.
• Candidates must demonstrate strong software engineering and out-of-the-box problem-solving skills.

Role
• Provide technical design and architecture advice to internal teams on securely developing and building applications and supporting systems pertaining to HSM.
• Create and execute automated processes for configuring, deploying, and upgrading HSM devices.
• Define secure mechanisms for critical business functions on-premises and in-cloud environments.
• Assist in the strategy, standards, and architecture for the SDLC's cryptography, PKI, and key management aspects, including application, mobile, web service, DevOps, cloud, and CI/CD efforts.
• Execute and own the baseline architecture implementations and design activities, collaborating with other engineers and engineering teams.
• Regularly communicate with management about risk analysis and design trade-offs.
• Work on Pre SDLC or Discovery activities, owning and contributing to assigned activities related to technical feasibility & assessment and providing responses.
• Identify performance bottlenecks and come up with novel ways to solve them.
• Work to define feature requirements and deliver the product that materially impacts the business and improves the consumer experience.

All about you
• Demonstrate a profound mastery of software engineering concepts and practices across all phases of the software development lifecycle, showcasing an exceptional breadth of knowledge and insight.
• 5-8 Years hands-on experience in a development role.
• Knowledge of cryptography, including several of the following: encryption, hashing, key management, digital certificates, TLS, PKCS#11, and confidential computing
• Possessing over a year of extensive hands-on experience with any HSM such as Luna, Entrust, Utimaco, and Payshield.
• Demonstrate technical competency in security engineering based on hands-on experience or relevant qualifications
• Working knowledge and technical security experience with UNIX, Linux, FreeBSD, AIX, or Windows.
• Hand-on experience in Shell Scripting (Unix/Windows)
• Proficient in any of the following programming languages: Java, Python, or Rust.
• Fundamental understanding of private or public cloud ecosystems and CI/CD practices.
• Desire to stay abreast of new development technologies and tools.
• Excellent interpersonal skills and ability to work in a collaborative environment.
• Strong communication skills, with an ability to express design ideas to a development team.
• BS in Computer Science or related technical field or equivalent practical experience.

Nice to have
• Working experience in a continuous integration development environment, preferably Jenkins.
• Proficiency in C, along with experience in multithreading and memory management
• Experience in secure software development.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard’s security policies and practices;

• Ensure the confidentiality and integrity of the information being accessed;

• Report any suspected information security violation or breach, and

• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.