Security Architect - Mastercard Foundation

Mastercard Foundation seeks a world where everyone has the opportunity to learn and prosper. Through its Young Africa Works strategy and Canadian EleV program, the Foundation works with partners to ensure that millions of young people, especially young women, access quality education, financial services, and dignified work. Mastercard Foundation was established in 2006 through the generosity of Mastercard when it became a public company. The Foundation is independent with its own Board of Directors and CEO.

THE WORK AT THE FOUNDATION

We have entered a very exciting time at the Foundation as we scale up our operations across Africa to realize our Young Africa Works strategy. Our role at the Mastercard Foundation is to be a catalyst. Our Young Africa Works strategy focuses on working with others to spur systemic change so young people have the opportunity to find work that is dignified and fulfilling.

The Foundation has opened offices in Rwanda, Kenya, Ghana, Senegal, Ethiopia, Nigeria, and Uganda, building a broader leadership presence in Africa to develop specific strategies that support youth employment.  Within a country, we work with governments, the private sector, educators, and other funders to improve the quality of education and vocational training, prepare young people for the workforce, expand access to financial services for entrepreneurs and small businesses, and connect job seekers to dignified and fulfilling work.

We are ambitious and driven. Our values transcend and rise above everything else as our guide. We encourage you to bring your bold ideas, curiosity, and expertise to your work. We laugh at ourselves and with each other. We are a team. Our journey together makes our impact even more meaningful.

If you are an experienced Cybersecurity professional ready to build something new and increase your impact, read on!

THE OPPORTUNITY

Reporting to the Head of Cybersecurity, the Security Architect will lead and be responsible for the design, building, testing, and implementation of cybersecurity systems within our network.  A successful candidate for this position must possess both a deep and wide background in information security being applied across a wide breadth of technologies spanning both solutions built on traditional platforms and modern deployments on "open" technology stacks.

The successful candidate will be based in Canada or any of our listed offices in Africa (Rwanda, Ethiopia, Uganda, Kenya, South Africa, Ghana, and Nigeria).

WAYS YOU CAN CONTRIBUTE

• Define security architecture roadmap based on business needs and threat landscape
• Provide oversight and roadmaps for infrastructure security devices, including IPS, SIEM, malware proxies, network, and systems access controls, firewalls, authentication devices, enterprise monitoring systems, and others
• Developing project timelines for system upgrades and preparing cost estimates.
• Carry out risk analyses of Foundation’s IT systems and key processes
• Contribute to short and long-term IT portfolio planning
• Initiates proof of concepts to assist in defining security technology direction and enabling Foundation’s business strategy
• Contribute to cyber governance, risk, and compliance-related matters
• Conduct periodic assurance on systems access on all key systems
• Establishes a taxonomy of indicators of compromise (IOCs) and share this detail with other security colleagues, including the security operations center (SOC), information security managers and analysts, as well as counterparts within the network operations center (NOC)
• Work closely with the technology team i.e. vendor management, end-user support, and operations

WHO YOU ARE

• 2-5+ years’ experience in a similar role, with a minimum of 5 years experience in total as a cybersecurity professional
• Degree in Cybersecurity, Computer Science, Information Technology, Engineering, or similar domain
• Security certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) are preferred

• Experience with public, private, and hybrid cloud services and the planning, development, migration, and integration of applications and services from on-premises infrastructure to Cloud-based SaaS, Platform-as-a-Service (PaaS), and Infrastructure-as-a-Service (IaaS) environments
• In-depth knowledge of Microsoft tech stack
• Experience in EDR, SIEM, IPS, IDS, device management, email gateways, web application security
• Proven experience reviewing application code for security vulnerabilities
• Experience securing CI/CD pipelines
• Direct, hands-on experience or strong working knowledge of vulnerability management tools
• Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services
• Growth mindset who is passionate to learn and use new and emerging technologies
• Strategic planning skills to interpret business, technology, and threat drivers, and develop practical security roadmaps to deal with these drivers
• Strong communication skills to translate complex security-related matters into business terms that are readily understood by colleagues including presenting analyses in person and written formats
• Financial acumen to evaluate the financial costs of recommended technologies, quantify purchasing and licensing options, estimate labor costs for a given service or technology, and estimate the total cost of operation (TCO), the ROI, or the payback period for services or technologies replacing existing capabilities
• Project management to draft project plans for security service and technology deployments and coordinate with stakeholders across the organization
• Possess professional maturity, sensitivity with different cultures, and impeccable integrity that exemplify the Foundation’s values
• You commit to Mastercard Foundation’s values and vision