Lead and operate enterprise vulnerability scanning capability: run and tune scans across infrastructure, applications, cloud and network; interpret results; drive automation, coverage, reporting, and remediation collaboration; support governance, audits, and continuous improvement.
Our Purpose
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Title and Summary
Senior Vulnerability Analyst
Senior Vulnerability Analyst, Cyber Security Vulnerability Scanning
Who is Mastercard?
Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Our secure data, global network, partnerships, and innovation help individuals, financial institutions, governments and businesses realise their greatest potential.
Across more than 210 countries and territories, our culture is driven by our Decency Quotient (DQ). We put people first and act with integrity in everything we do.
Mission First, People Always
Corporate Security is responsible for protecting Mastercard from cyber, physical and operational threats. Our people are at the frontline of safeguarding the organisation, and we are committed to their development, wellbeing and success.Overview
The Senior Vulnerability Analyst is accountable for supporting the vulnerability scanning capability within the Vulnerability Management function. This includes scanning platforms, ensuring timely and accurate vulnerability identification, and driving improvements to coverage, automation, reporting and overall scan effectiveness.
You will act as a subject-matter expert for vulnerability scanning-ensuring vulnerabilities are accurately detected, communicated to stakeholders, and aligned with Mastercard's broader security strategy. You will also contribute to continuous improvement across the vulnerability management lifecycle.Key Responsibilities
Operations• Support the Vulnerability Scanning team.• Oversee daily scanning operations, ensuring accuracy, completeness and adherence to SLAs.• Ensure timely delivery of scan results, reporting, and escalations.
Technology Ownership• Maintain the vulnerability scanning toolsets across infrastructure, applications, cloud and network environments.• Ensure scanning coverage remains complete and up to date across all assets.• Monitor scan performance, tune configurations, and optimise scanning processes.• Champion automation and integration with asset management tools.
Governance, Controls & Standards• Maintain policies, standards and processes related to vulnerability scanning.• Ensure alignment with Mastercard security policies, regulatory requirements, and industry best practice.• Support audits, compliance reviews and evidence requests relating to scanning.
Analysis, Reporting & Continuous Improvement• Provide expert interpretation of scan results, threat alerts and vulnerability intelligence.• Deliver high-quality management information, dashboards and reporting to senior leaders.• Identify and drive continuous improvements in scanning effectiveness, coverage and process efficiency.• Propose enhancements to technology, workflows or methodologies based on metrics and stakeholder feedback.
Collaboration & Stakeholder Engagement• Act as a point of contact for scanning-related queries.• Partner closely with remediation teams, threat intelligence, engineering, and application teams.• Contribute to incident response and investigations where vulnerabilities are involved.• Represent the scanning function in cross-functional projects and working groups.About You
Experience & Expertise• Demonstrable experience leading a vulnerability scanning or vulnerability management team.• Strong technical expertise with enterprise vulnerability scanning technologies (e.g., Tenable, Qualys, Rapid7, Prisma, or equivalent).• Strong understanding of network, cloud, application and container security principles.• Experience implementing vulnerability management strategies, tools and process improvements.• Solid understanding of malware behaviours, attack vectors, and exploit methodologies.
Skills
Technical• Excellent knowledge of security standards, frameworks and regulatory expectations.• Strong analytical and problem-solving skills.• Ability to interpret vulnerability data and communicate in business-friendly language.• Strong understanding of network design, traffic flows, and firewall architecture.
Professional• Excellent communication and presentation abilities.• Ability to prioritise and manage competing demands in a fast-paced environment.• Strong business acumen and ability to influence across technical and non-technical teams.Corporate Security Responsibilities
Every colleague working for or on behalf of Mastercard is responsible for protecting our information assets. The successful candidate must:• Abide by Mastercard's security policies and practices.• Ensure confidentiality, integrity and appropriate use of information.• Report any suspected security incidents or breaches.• Complete required security training as mandated.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.
Title and Summary
Senior Vulnerability Analyst
Senior Vulnerability Analyst, Cyber Security Vulnerability Scanning
Who is Mastercard?
Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Our secure data, global network, partnerships, and innovation help individuals, financial institutions, governments and businesses realise their greatest potential.
Across more than 210 countries and territories, our culture is driven by our Decency Quotient (DQ). We put people first and act with integrity in everything we do.
Mission First, People Always
Corporate Security is responsible for protecting Mastercard from cyber, physical and operational threats. Our people are at the frontline of safeguarding the organisation, and we are committed to their development, wellbeing and success.Overview
The Senior Vulnerability Analyst is accountable for supporting the vulnerability scanning capability within the Vulnerability Management function. This includes scanning platforms, ensuring timely and accurate vulnerability identification, and driving improvements to coverage, automation, reporting and overall scan effectiveness.
You will act as a subject-matter expert for vulnerability scanning-ensuring vulnerabilities are accurately detected, communicated to stakeholders, and aligned with Mastercard's broader security strategy. You will also contribute to continuous improvement across the vulnerability management lifecycle.Key Responsibilities
Operations• Support the Vulnerability Scanning team.• Oversee daily scanning operations, ensuring accuracy, completeness and adherence to SLAs.• Ensure timely delivery of scan results, reporting, and escalations.
Technology Ownership• Maintain the vulnerability scanning toolsets across infrastructure, applications, cloud and network environments.• Ensure scanning coverage remains complete and up to date across all assets.• Monitor scan performance, tune configurations, and optimise scanning processes.• Champion automation and integration with asset management tools.
Governance, Controls & Standards• Maintain policies, standards and processes related to vulnerability scanning.• Ensure alignment with Mastercard security policies, regulatory requirements, and industry best practice.• Support audits, compliance reviews and evidence requests relating to scanning.
Analysis, Reporting & Continuous Improvement• Provide expert interpretation of scan results, threat alerts and vulnerability intelligence.• Deliver high-quality management information, dashboards and reporting to senior leaders.• Identify and drive continuous improvements in scanning effectiveness, coverage and process efficiency.• Propose enhancements to technology, workflows or methodologies based on metrics and stakeholder feedback.
Collaboration & Stakeholder Engagement• Act as a point of contact for scanning-related queries.• Partner closely with remediation teams, threat intelligence, engineering, and application teams.• Contribute to incident response and investigations where vulnerabilities are involved.• Represent the scanning function in cross-functional projects and working groups.About You
Experience & Expertise• Demonstrable experience leading a vulnerability scanning or vulnerability management team.• Strong technical expertise with enterprise vulnerability scanning technologies (e.g., Tenable, Qualys, Rapid7, Prisma, or equivalent).• Strong understanding of network, cloud, application and container security principles.• Experience implementing vulnerability management strategies, tools and process improvements.• Solid understanding of malware behaviours, attack vectors, and exploit methodologies.
Skills
Technical• Excellent knowledge of security standards, frameworks and regulatory expectations.• Strong analytical and problem-solving skills.• Ability to interpret vulnerability data and communicate in business-friendly language.• Strong understanding of network design, traffic flows, and firewall architecture.
Professional• Excellent communication and presentation abilities.• Ability to prioritise and manage competing demands in a fast-paced environment.• Strong business acumen and ability to influence across technical and non-technical teams.Corporate Security Responsibilities
Every colleague working for or on behalf of Mastercard is responsible for protecting our information assets. The successful candidate must:• Abide by Mastercard's security policies and practices.• Ensure confidentiality, integrity and appropriate use of information.• Report any suspected security incidents or breaches.• Complete required security training as mandated.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
- Abide by Mastercard's security policies and practices;
- Ensure the confidentiality and integrity of the information being accessed;
- Report any suspected information security violation or breach, and
- Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.
Mastercard London, England Office
1 Angel Lane, London, United Kingdom, EC4R 3AB
Similar Jobs at Mastercard
Blockchain • Fintech • Payments • Consulting • Cryptocurrency • Cybersecurity • Quantum Computing
Lead the design and implementation of stablecoin solutions at Mastercard, overseeing integrations with issuers and ensuring compliance with regulations while driving product innovation in the digital asset space.
Top Skills:
BlockchainDigital AssetsPayment Solutions
Blockchain • Fintech • Payments • Consulting • Cryptocurrency • Cybersecurity • Quantum Computing
Lead security consultant advising product and business teams to embed security across software, architecture, networks and processes. Deliver assurance, develop standards and frameworks, manage third-party testing, and guide risk-balanced decisions to meet compliance and regulatory requirements.
Top Skills:
Application SecurityConfluenceCryptographyData ProtectionIdentity And Access ManagementIso27001JIRANetwork SecurityNist Sp800-53Pci-DssPkiPrivileged Access ManagementSecrets ManagementSecurity Assurance TestingSecurity LoggingThird-Party Vendor ManagementThreat Modelling
Blockchain • Fintech • Payments • Consulting • Cryptocurrency • Cybersecurity • Quantum Computing
Lead evaluation and design of regulated payment products within Mastercard Transaction Services. Drive product enablement, stakeholder workshops, solution documentation, operational process design, and go-to-market advisory for multi-rail and regulated product initiatives.
Top Skills:
AmlOpen BankingPowerPointSanctions ScreeningStablecoins
What you need to know about the London Tech Scene
London isn't just a hub for established businesses; it's also a nursery for innovation. Boasting one of the most recognized fintech ecosystems in Europe, attracting billions in investments each year, London's success has made it a go-to destination for startups looking to make their mark. Top U.K. companies like Hoptin, Moneybox and Marshmallow have already made the city their base — yet fintech is just the beginning. From healthtech to renewable energy to cybersecurity and beyond, the city's startups are breaking new ground across a range of industries.
