Summary
Overview
Work History
Education
Skills
Accomplishments
Certification
Languages
Timeline
Generic
Mehmet Akif KAYAPINAR

Mehmet Akif KAYAPINAR

200 Goulburn Street Surry Hills,NSW

Summary

Accomplished and results-driven Information Security leader with extensive expertise in designing, implementing, and scaling secure, cloud-native, and hybrid security architectures across global enterprises, most notably within a leading financial technology organization. Proven ability to embed secure-by-design principles into SDLC , driving enterprise-wide adoption of risk-based governance in alignment with the NIST Risk Management Framework (RMF), PCI DSS, and SOC 2 standards.

Recognized for building and leading high-performing, geographically distributed security teams, fostering a culture of innovation, technical excellence, and continuous improvement. Adept at leading major digital transformation initiatives, architecting secure cloud infrastructures, and proactively managing emerging threats through threat intelligence, vulnerability management, and security automation.

Known for strong executive stakeholder engagement and the ability to translate complex cybersecurity challenges into actionable insights and measurable business outcomes. Currently seeking to lead transformational security programs and advance enterprise resilience in a dynamic, forward-looking organization.

Overview

14
14
years of professional experience

Work History

Director of Information Security

Mastercard
02.2022 - Current
  • Directed security operations for Mastercard’s largest global program, strengthening resilience and safeguarding critical services for 100,000+ customers across multiple regions, achieving continuous operational uptime and regulatory compliance.
  • Built and led a geographically distributed Information Security team, delivering proactive security solutions and accelerating response times in a high-risk, fast-paced global environment.
  • Spearheaded the development of security program goals, risk-driven roadmaps, and prioritization frameworks, enabling proactive alignment with business objectives and strengthening security posture.
  • Executed continuous security assessments across cloud-native and hybrid infrastructures, rapidly identifying vulnerabilities and mitigating emerging threats to safeguard critical business systems and customer data.
  • Developed and mentored security talent, fostering a high-growth environment focused on technical excellence and leadership capability.
  • Administered a comprehensive risk management framework aligned with NIST RMF, enhancing early risk identification, treatment planning, and remediation across operational domains.
  • Designed and delivered Threat Modeling and Secure SDLC training programs to 600+ engineers, embedding secure-by-design principles across Mastercard Processing Program development lifecycles.
  • Championed a culture of continuous security improvement by integrating modern methodologies (e.g., threat modelling, DevSecOps) and innovative automation approaches to proactively address evolving cyber risks.
  • Applied deep expertise in security frameworks (NIST CSF, NIST RMF) and regulatory standards (PCI DSS) to drive best-practice risk management and strengthen audit readiness across global programs.

Information Security Manager

Mastercard
06.2019 - 02.2022
  • Architected and continuously enhanced enterprise-grade security and resilience frameworks, embedding security principles into every phase of the SDLC and product lifecycle.
  • Executed comprehensive Threat and Risk Assessments (TRAs) across a distributed platform of 2,000+ microservices, enabling early identification of critical vulnerabilities and driving timely risk mitigation strategies.
  • Embedded end-to-end risk lifecycle management including identification, impact analysis, treatment planning, and risk register maintenance into core security operations to enhance risk visibility and governance.
  • Spearheaded cross-functional security initiatives, aligning engineering, DevOps, cloud, and compliance teams to deliver cohesive, secure, and scalable service delivery across global environments.
  • Developed and delivered actionable, data-driven security insights leveraging threat intelligence, vulnerability metrics, and compliance assessments to drive informed executive decision-making.
  • Fostered strong, collaborative relationships with external regulators and audit bodies, ensuring continuous PCI DSS compliance and adherence to security frameworks (ISO 27001, NIST CSF).
  • Served as a trusted technical advisor to C-level stakeholders, translating complex cybersecurity domains including cloud security architecture, secure-by-design, secure SDLC (S-SDLC), and regulatory compliance into actionable strategies supporting enterprise risk reduction and innovation.

Information Security Manager

Mastercard
09.2017 - 06.2019
  • Led the design and implementation of enterprise-wide information security frameworks, aligning with industry standards such as the NIST Risk Management Framework (RMF) and NIST Cyber Security Framework (CSF)
  • Provided end-to-end technical project management across multiple security initiatives, ensuring successful delivery of complex security solutions within scope, timeline, and budget constraints.
  • Identified and drove continuous improvement initiatives, optimizing security controls, system hardening processes, and risk mitigation strategies to enhance operational resilience and cost efficiency.
  • Managed vendor security engagements, negotiating favorable SLAs, evaluating third-party risk, and ensuring service providers adhered to cybersecurity requirements and regulatory standards.
  • Collaborated with senior leadership to define, monitor, and adjust the strategic information security roadmap, incorporating threat intelligence, risk trends, and business objectives into security planning.
  • Mentored and coached technical teams in secure architecture, DevSecOps practices, vulnerability management, and incident response, fostering a culture of engineering excellence and security-first thinking.
  • Delivered expert technical advisory services in the development of foundational security architectures, cloud migration strategies, and digital transformation programs, ensuring security was embedded from inception.

Senior Information Security Engineer

Mastercard
11.2016 - 09.2017

Senior Security Architect

Assistt
03.2014 - 11.2016

Security Engineer

Ziraat Bank
03.2013 - 03.2014

Security Consultant

Barikat - Security Consultancy
05.2012 - 03.2014

Education

Bachelor of Science - Computer Education And Instructional Technologies

Middle East Technical University
Ankara/Turkey
05-2011

Skills

  • Risk Management
  • Vulnerability Management
  • Data Protection & Encryption
  • Regulatory Compliance (PCI DSS, GDPR, SOX)
  • Security Frameworks (NIST RMF,NIST CSF, ISO 27001)
  • Cloud Security
  • Secure SDLC , DevSecOps
  • Security Architecture & Secure-by-Design Principles
  • Threat Modeling & Risk Assessment
  • Information Security Program Management
  • Stakeholder Management (Internal & External)
  • Security Awareness & Culture Building
  • Incident Response & Cyber Resilience
  • Identity & Access Management (IAM)
  • Security Automation & Orchestration

Accomplishments

  • Directed security engineering for Mastercard's most significant global program, supporting over 100,000 customers, with full ownership of risk management, threat identification, and incident response strategies.
  • Designed and implemented an enterprise-wide Secure SDLC program, training over 600 employees and embedding security practices into the software development lifecycle.
  • Maintained continuous PCI DSS compliance for over 9 years across multiple Mastercard regions, demonstrating strong governance, operational maturity, and audit readiness.
  • Led proactive vulnerability management initiatives by continuously assessing infrastructure, identifying emerging threats, and driving timely remediation to reduce business risk.
  • Architected and managed secure network and system infrastructures in alignment with best practices (e.g., NIST CSF, NIST RMF, CIS) and regulatory standards, ensuring resilience in highly regulated environments.
  • Played a strategic role in Mastercard's MPGS Cabinet, contributing to executive-level decision-making on security posture, risk prioritization, and roadmap development.
  • Bridged technical and business domains by translating complex security challenges into actionable insights, enabling secure innovation and informed stakeholder decisions.
  • Brought hands-on technical expertise in cloud security architecture, threat modelling, cryptography, application security, and secure-by-design methodologies.
  • Built and led high-performing, geographically distributed teams, fostering a culture of continuous improvement, knowledge sharing, and professional growth through mentorship and coaching.

Certification

CISSP - PCI ISA - CCNA - CEH

Languages

English
Full Professional
Turkish
Native or Bilingual

Timeline

Director of Information Security

Mastercard
02.2022 - Current

Information Security Manager

Mastercard
06.2019 - 02.2022

Information Security Manager

Mastercard
09.2017 - 06.2019

Senior Information Security Engineer

Mastercard
11.2016 - 09.2017

Senior Security Architect

Assistt
03.2014 - 11.2016

Security Engineer

Ziraat Bank
03.2013 - 03.2014

Security Consultant

Barikat - Security Consultancy
05.2012 - 03.2014

Bachelor of Science - Computer Education And Instructional Technologies

Middle East Technical University

Similar Profiles

  • Sabrina Sharmeen

    Sabrina SharmeenSabrina Sharmeen

    Software Engineer II at MastercardSoftware Engineer II at Mastercard

    View Profile
  • Aditya Deshpande

    Aditya DeshpandeAditya Deshpande

    Lead Software Engineer / Manager at MastercardLead Software Engineer / Manager at Mastercard

    View Profile
  • Johanna Hutcherson

    Johanna HutchersonJohanna Hutcherson

    Lead Product Manager at MastercardLead Product Manager at Mastercard

    View Profile
Mehmet Akif KAYAPINAR