Principal Information Security Consultant

Role Overview

• Lead high-impact security consultancy engagements across the enterprise.
• Shape and mature the Security Consultancy function.
• Act as a senior delegate for the Director of Information Security Engineering.
• Provide authoritative guidance to engineering, product, and architecture teams.
• Lead assurance for high-risk or complex systems.
• Develop, refine, and promote security standards and frameworks.
• Mentor Lead-level consultants.
• Provide strategic direction on complex technical domains such as cryptography, IAM, network, data and application security.

Requirements

• Strong security mindset and deep knowledge of best practices and threats.
• Broad and mature experience across software, architecture, network, cloud, and assurance.
• Ability to negotiate with senior stakeholders.
• Strong interpersonal and relationship-building skills.
• Authority in complex technical decision-making.
• Confidence in providing technical guidance on complex decisions (cryptography, network design, application security, data protection, IAM, etc.)
• Experience producing high-quality documentation and threat models.
• Familiarity with ISO 27001, NIST SP 800-53, PCI DSS, etc.
• Self-starter comfortable with ambiguity.
• Experience with third-party assurance and vendor interaction.
• Proactive approach to enhancing the maturity of the security organization.
• Security certifications (CISSP, CISM, CSSLP, CISA) are desirable.
• Threat modelling and risk assessment expertise are desirable.
• Knowledge of PAM, Secrets Management, PKI, Cryptography, Security Logging is desirable.
• Experience with JIRA/Confluence is desirable.

Tech Stack

• Cloud

Benefits

• Abide by Mastercard security policies and practices.
• Ensure confidentiality and integrity of information accessed.
• Report suspected security violations or breaches.
• Complete mandatory security training.