Security ConsultantPrincipal Information Security Consultant
Role details
Job location
Tech stack
Job description
Mastercard is looking for a Principal Information Security Consultant based in London, Dunstable, or Harrogate. This senior role sits within Vocalink and provides strategic security leadership across critical products and enterprise platforms. As a Principal Security Consultant, you will act as a trusted advisor and senior technical delegate to the Director of Information Security Consultancy - providing expert guidance, shaping strategy, and representing the Consultancy function in cross-organisation forums. You will operate with high autonomy, influencing complex decisions and raising the maturity and consistency of security engineering practices across Mastercard. Responsibilities
-
Lead high-impact security consultancy engagements across the enterprise.
-
Shape and mature the Security Consultancy function.
-
Act as a senior delegate for the Director of Information Security Engineering.
-
Provide authoritative guidance to engineering, product, and architecture teams.
-
Lead assurance for high-risk or complex systems.
-
Develop, refine, and promote security standards and frameworks.
-
Mentor Lead-level consultants.
-
Provide strategic direction on complex technical domains such as cryptography, IAM, network, data and application security All About You, Every person working for, or on behalf of, Mastercard is responsible for information security. Activities involving access to Mastercard assets, information, and networks carry inherent risk. The Principal Consultant must:
-
Abide by Mastercard security policies and practices.
-
Ensure confidentiality and integrity of information accessed.
-
Report suspected security violations or breaches.
-
Complete mandatory security training.
Corporate Security Responsibility
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
- Abide by Mastercard's security policies and practices;
- Ensure the confidentiality and integrity of the information being accessed;
- Report any suspected information security violation or breach, and
- Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.
Requirements
-
Strong security mindset and deep knowledge of best practices and threats.
-
Broad and mature experience across software, architecture, network, cloud, and assurance.
-
Ability to negotiate with senior stakeholders.
-
Strong interpersonal and relationship-building skills.
-
Authority in complex technical decision-making.
-
Confidence in providing technical guidance on complex decisions (cryptography, network design, application security, data protection, IAM, etc.)
-
Experience producing high-quality documentation and threat models.
-
Familiarity with ISO 27001, NIST SP 800-53, PCI DSS, etc.
-
Self-starter comfortable with ambiguity.
-
Experience with third-party assurance and vendor interaction.
-
Proactive approach to enhancing the maturity of the security organisation Desirable Experience
-
Security certifications (CISSP, CISM, CSSLP, CISA).
-
Threat modelling and risk assessment expertise.
-
Knowledge of PAM, Secrets Management, PKI, Cryptography, Security Logging.
-
Experience with JIRA/Confluence.
