Senior Software Engineer - Cybersecurity

ons, governments, and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team - one that makes better decisions, drives innovation, and delivers better business results.

Technology at Mastercard

What we create today will define tomorrow. Revolutionary technologies that reshape the digital economy to be more connected and inclusive than ever before - Safer, faster, more sustainable and we need the best people to do it. Technologists who are energized by the challenges of a truly global network. With the talent and vision to create the critical systems and products that power global commerce and connect people everywhere to the vital goods and services they need every day.
Working at Mastercard means being part of a unique culture. Inclusive and diverse, a rich collaboration of ideas and perspectives. A place that celebrates your strengths, values your experiences, and offers you the flexibility to shape a career across disciplines and continents. And the opportunity to work alongside experts and leaders at every level of the business, improving what exists, and inventing what's next.

About the role

This position is a member of the STRM - Security Threat and Response Management team which is responsible for security monitoring and response functions for Mastercard, accounting for both physical and cyber security events. Engineer would build new software capabilities, support existing solutions, provide technical oversight and lend its expertise to the program.

• Develop and fine-tune detection content in SIEM platform to improve threat detection and response capabilities.
• Design and build automated playbooks in SOAR platform for common incident response use cases.
• Lead and mentor analysts on detection logic, search optimization, and investigation best practices.
• Integrate data sources into Splunk and ensure normalization using CIM (Common Information Model).
• Write custom scripts (primarily in Python) for integrations, automation, and enrichment tasks.
• Create and maintain documentation for detections, use cases, and automation processes.
• Collaborate with Threat Intelligence, Incident Response, and DevSecOps teams to align detection and response efforts.
• Continuously assess and improve security posture through automation and process refinement.
• Stay current on threat trends, emerging technologies, and advancements in detection and SOAR use cases.

All about you

• Strong proficiency in Python for scripting, development, and automation.
• Solid understanding of security operations, SIEM, and incident response workflows.
• Experience in designing detection rules, risk-based alerting, and notable event tuning.
• Ability to mentor and guide junior team members on detection logic and investigation strategy.
• Familiarity with MITRE ATT&CK framework and applying it to detection development.
• Experience integrating various security tools and data sources with Splunk.
• Knowledge of REST APIs and building integrations with third-party tools.
• Prior experience in Security Engineering, SOC, or Threat Detection roles is plus.
• Deep expertise in Splunk Enterprise Security (ES) and Splunk SOAR (formerly Phantom) is plus.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard's security policies and practices;
• Ensure the confidentiality and integrity of the information being accessed;
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.