Senior Vulnerability Analyst

Our Purpose
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Title and Summary
Senior Vulnerability Analyst
Senior Vulnerability Analyst, Cyber Security Vulnerability Scanning
Who is Mastercard?
Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Our secure data, global network, partnerships, and innovation help individuals, financial institutions, governments and businesses realise their greatest potential.
Across more than 210 countries and territories, our culture is driven by our Decency Quotient (DQ). We put people first and act with integrity in everything we do.
Mission First, People Always
Corporate Security is responsible for protecting Mastercard from cyber, physical and operational threats. Our people are at the frontline of safeguarding the organisation, and we are committed to their development, wellbeing and success.Overview
The Senior Vulnerability Analyst is accountable for supporting the vulnerability scanning capability within the Vulnerability Management function. This includes scanning platforms, ensuring timely and accurate vulnerability identification, and driving improvements to coverage, automation, reporting and overall scan effectiveness.
You will act as a subject-matter expert for vulnerability scanning-ensuring vulnerabilities are accurately detected, communicated to stakeholders, and aligned with Mastercard's broader security strategy. You will also contribute to continuous improvement across the vulnerability management lifecycle.Key Responsibilities
Operations• Support the Vulnerability Scanning team.• Oversee daily scanning operations, ensuring accuracy, completeness and adherence to SLAs.• Ensure timely delivery of scan results, reporting, and escalations.
Technology Ownership• Maintain the vulnerability scanning toolsets across infrastructure, applications, cloud and network environments.• Ensure scanning coverage remains complete and up to date across all assets.• Monitor scan performance, tune configurations, and optimise scanning processes.• Champion automation and integration with asset management tools.
Governance, Controls & Standards• Maintain policies, standards and processes related to vulnerability scanning.• Ensure alignment with Mastercard security policies, regulatory requirements, and industry best practice.• Support audits, compliance reviews and evidence requests relating to scanning.
Analysis, Reporting & Continuous Improvement• Provide expert interpretation of scan results, threat alerts and vulnerability intelligence.• Deliver high-quality management information, dashboards and reporting to senior leaders.• Identify and drive continuous improvements in scanning effectiveness, coverage and process efficiency.• Propose enhancements to technology, workflows or methodologies based on metrics and stakeholder feedback.
Collaboration & Stakeholder Engagement• Act as a point of contact for scanning-related queries.• Partner closely with remediation teams, threat intelligence, engineering, and application teams.• Contribute to incident response and investigations where vulnerabilities are involved.• Represent the scanning function in cross-functional projects and working groups.About You
Experience & Expertise• Demonstrable experience leading a vulnerability scanning or vulnerability management team.• Strong technical expertise with enterprise vulnerability scanning technologies (e.g., Tenable, Qualys, Rapid7, Prisma, or equivalent).• Strong understanding of network, cloud, application and container security principles.• Experience implementing vulnerability management strategies, tools and process improvements.• Solid understanding of malware behaviours, attack vectors, and exploit methodologies.
Skills
Technical• Excellent knowledge of security standards, frameworks and regulatory expectations.• Strong analytical and problem-solving skills.• Ability to interpret vulnerability data and communicate in business-friendly language.• Strong understanding of network design, traffic flows, and firewall architecture.
Professional• Excellent communication and presentation abilities.• Ability to prioritise and manage competing demands in a fast-paced environment.• Strong business acumen and ability to influence across technical and non-technical teams.Corporate Security Responsibilities
Every colleague working for or on behalf of Mastercard is responsible for protecting our information assets. The successful candidate must:• Abide by Mastercard's security policies and practices.• Ensure confidentiality, integrity and appropriate use of information.• Report any suspected security incidents or breaches.• Complete required security training as mandated.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard's security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.