Principal Security Consultant

Job Description

At M&G our vision is: to become the best loved and most successful savings and investment business and were looking for people who are excited about joining us on our journey. Were digitally transforming and investing heavily in technology and innovation to develop new and improved customer propositions that really raise the bar for our customers.To help us achieve our vision were looking for exceptional people who live our values and behaviours and who can inspire others; embrace change; deliver results and keep it simple. We know that an inclusive environment makes us more accessible and ensures we attract, engage, promote and retain exceptional people. We welcome applications from all individuals regardless of age, gender/gender identity, sexual orientation, ethnicity/nationality,disability, or military service and welcome those who have taken career breaks. We will consider flexible working arrangements or home working arrangements for any of our roles and also offer work place accommodations to ensure you have what you need to effectivelydeliver in your role. What you can expect from us:We are committed to creating an environment where you can be exceptional at all you do. To help us deliver this, we promise to:

• Challenge Your Limits by creating a stimulating working environment and providing opportunities for you to be involved in meaningful and challenging work
• Support Your Aspirations with a commitment to learning and development that helps you achieve and build your experience with people who want you to succeed
• Value Your Input whereby leaders and managers will involve you in key decisions, listen to your thoughts and recognise the important contribution you make
• Balance Your Life through a work life partnership that focuses on making this an inclusive, diverse and friendly place to work and offers the flexibility and support that enables everyone to be at their best

How do we support our employees: All M&G plc employees will be supported in the workplace through our M&G Employee Assistance Programme (EAP). If you need counselling, confidential financial or legal advice. The service is available 24 hours a day, 365 days a year and offers access to qualifiedprofessionals who can provide specialist information, advice and support on many issues. It offers a broad range of services, including help with family issues, maintaining work/life balance and mental health support. Working with M&G as the Principal Security Engineer means becoming part of a brand with a global reputation and an exciting vision: to be the leader in helping customers achieve their long-term financial goals. If youre inspired to join us, and if you havethe necessary qualities, then this could be the opportunity youve been looking for. We need a leader/architect who is a technical security expert and is confident dealing with a range of stakeholders from IT, the business, and strategic partners. You will be working on exciting new change initiatives, helping security and our business partnersto achieve the digital ambitions across web, mobile and cloud. As the Principal Security Engineering within M&G youll have the opportunity to lead change, working on a wide range of different projects & platforms and using your expert knowledge to translate high level security requirements into designs. Youllalso be working closely with our security engineers to understand and develop the enterprises security architecture and integrate them into change initiatives. Job Requirements - Knowledge based and technology skills:

• Extensive experience of working in a business facing IT / Cyber Security role, ideally within a regulated environment.
• An understanding of the regulations and legislation that apply to a pension and investment organisation.
• Experience of securing cloud / cloud hybrid services (including IaaS, PaaS and SaaS variances) as well as mobile security models.
• A good understanding of Azure security is essential and M365 / MS Power Platform security capabilities would be an advantage.
• An excellent understanding of securing applications, infrastructure and networks. This includes a detailed understanding of security technologies required to secure an enterprise, their capabilities and interoperability covering:
  • Cyber / Web Security (Firewalls, DoS, Proxies, CDN / WAF, API Gateways etc.).
  • Threat & Incident Management (SOC, SIEM, Threat Intelligence, etc)
  • Data Security (DLP, DRM, etc)
  • IDAM (FIAM, SSO, etc). Experience of Azure AD would be advantageous.
  • Mobile Security (EMM, MAM, MDM etc).
  • Cryptography (including Key Management and PKI)
  • Desktop / Server / Virtualisation Security (vulnerability and patch management, malware protection, etc)
• Detailed working knowledge of infrastructure and application security requirements and good understanding of recognised information security management and governance frameworks (ISF SOGP (Standards of Good Practice), NIST 800-53 and CIS 7.1
• A recognised information security qualification (CISSP, CISM etc.). The following qualifications are also desirable:
  • Certificate Cloud Security Knowledge (CCSK)
  • SABSA Chartered Practitioner (SCP)

Job Requirements -Transferable / functional skills:

• Strong stakeholder management skills.
• Highly organised, excellent prioritisation and planning skills
• Strong written and verbal communication skills and ability to influence using risk-based reasoning.
• Extensive experience in articulating complex requirements as easy to understand security designs using threat profiling, reusable models and architecture principles
• Ability to work alone or as part of a team, whilst working on multiple items at the same time.
• Ability to translate complex technical issues into meaningful details for non-specialist audiences.

Youll be expected to demonstrate:

You can tackle complexity and make things simple for customers and those around you.

Youre commercially savvy, you think competitively, and youll seize a good opportunity whether big or small.

You love to innovate, exploring what matters to customers and creating solutions that make a positive difference.

Youre a team player who can help everyone pull together to achieve shared goals.

Youre willing to take responsibility, creating better outcomes by stepping forward, using your judgement and making things happen.You thrive on a challenge, working with intellectual rigour at pace