Senior Security Monitoring and Response Analyst

Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart, and accessible. Our technology and innovation, partnerships, and networks combine to deliver a unique set of products and services that help people, businesses, and governments realize their greatest potential.

Title and Summary

The Vocalink Security Operations Centre (SOC) is looking for a Senior Security Monitoring and Response Analyst, specialising in Insider Threat and Data Loss Prevention, to join a small team operating and improving controls to secure our information assets, advancing the insider threat program, to identify risks to information and provide prevention and detection capabilities using a range of technologies.

1. Enhances Vocalink’s insider threat capabilities, protecting our employees, the business, our customers, and services.
2. Operates and evolves response plans for escalated issues, involving stakeholders and functions that are key to successfully concluding incidents.
3. Operates and evolves DLP and insider threat focused controls to identify policy/compliance violations, and proportionate escalation pathways.
4. Monitoring of key technologies used to identify and alert on potential data loss and insider threat events.
5. Contributes to an intelligence-led approach to design-out risks from data loss and insider threat, and to improve business processes.
6. Responds to data loss and insider threat events escalated from any source.
7. Maintains accurate recording of insider threat investigations.
8. Engages with compliance and HR functions, and wider security stakeholders, ensuring successful conclusion of investigations.
9. Informs lessons learned, recommending mitigations and controls to reduce risk.
10. Reports any security control or policy gaps and identifies areas for wider security improvements.
11. Reports performance metrics for the insider threat function.

In this role you will need to be able to do, and have experience of, the following:

1. Experience within an insider threat or allied function.
2. Experience in the implementation of monitoring strategies to identify increases in risk, and the factors that influence the increases.
3. Experience of Data Loss Prevention and File Integrity Monitoring technologies, including the creation of technical controls, playbooks & process documentation, as well as handling the outputs of these to successful conclusion. Experience working in a Security Operations Centre is desirable.
4. Experience in the identification of risks presented by a workforce with privileged access to a range of assets is desirable.
5. Experience with SIEM technology, proposing use cases and dashboards to enhance monitoring capabilities.
6. Experience using various network/security technologies during security investigations is highly desirable.
7. Understanding of access management processes is highly desirable.
8. Relevant security certifications desirable.

All activities involving access to Mastercard assets, information, and networks come with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard’s security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach; and
• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.