Lead Program Security Engineer
Current• Working with software development teams to define alternatives and recommend optimal solutions to meet security and regulatory requirements in the design of new and enhanced systems• Assisting in the deployment of security aspects of the SDLC (e.g., threat modeling, application security testing)• Building Secure DevOps architecture patterns and provide guidance on how to develop secure applications and infrastructures• Managing internal projects on threat issues that support a variety of participants and stakeholders measuring the effectiveness and comprehensiveness of MasterCard first line defenses.• Design secure multi-domain Internet facing applications• Implementing PKI, Digital Certificates, SSL, Hashing, Encryption techniques and practices• Providing technical design and architecture advice to internal teams on how to securely develop and build applications and supporting systems (including databases/data warehouse)• Building & deploying security infrastructure and automate security operations• Develop high-quality technical content such as automation tools, reference architectures, and white papers to help our consultants, partners, and customers build on the work you deliver.• Targeting the high level, high impact related threats to product with the aim of enhancing the effectiveness of managing operational risks• Challenging criteria, tools and methodologies used for threat intelligence and threat landscape analysis. • Performing vulns risk review by assessing the different layers of vulns of the designated system/environment to determine risk in order to prioritize remediation• Consolidate apps and infrastructure vulns into one risk focused view to help provide guidance senior management risk and remediation decisions.• Define secure mechanisms for critical business functions in cloud environments• Working on improvements for security services, including the continuous enhancement of existing methodology material and supporting assets