Principal Security Engineer

Our Purpose

Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential.

Title and Summary

Principal Security Engineer

Overview
The Principal Security Engineer serves as a trusted advisor and partner to developers, providing hands‑on support, coaching, and real‑time guidance to integrate security seamlessly into the development lifecycle. This role plays a critical part in shaping how security and threat modeling is taught, adopted, reviewed, and governed across Mastercard’s development lifecycle. The focus is on making security accessible, actionable, and aligned with how developers actually build software, driving adoption through collaboration, continuous feedback, and a strong developer experience.

Role
This is a senior, hands‑on security leadership role focused first and foremost on developer enablement and engagement, responsible for driving security excellence at scale across Mastercard. The Principal Security Engineer blends deep individual‑contributor expertise with practice‑building leadership, including:
Creating scalable, developer‑friendly threat modeling collateral such as blueprints, threat libraries, and templates
Implementing and evolving threat modeling methodologies
Establishing review and governance practices that support consistent, high‑quality outcomes
Designing and delivering formal learning and enablement programs that help engineers and architects confidently apply threat modeling in their day‑to‑day work
The role partners closely with development teams to embed security naturally into workflows, ensuring security enhances—not hinders—delivery.

About You
You are a senior security practitioner with deep, hands‑on experience in threat modeling and secure software design. You are comfortable operating at scale, influencing across teams, and working directly with developers and architects. You combine technical depth with strong coaching and communication skills, and you are passionate about building practical, developer‑centric security practices. You thrive in environments where collaboration, continuous improvement, and strong developer experience are key to success.

Corporate Security Responsibility

All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:

• Abide by Mastercard’s security policies and practices;

• Ensure the confidentiality and integrity of the information being accessed;

• Report any suspected information security violation or breach, and

• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.