Security Operations Manager

on

Employer:M&G Limited
Location:London, England

Job description

M&G is one of the UK's leading asset managers and has experienced significant growth in recent years both in terms of funds under management, locations and staff. At the same time, the cyber risk landscape continues to evolve and the security expectations of our stakeholders and regulator's continue to increase. As a result of these changes, further investment is being made in our information security arrangements and some new positions are being created within the Information Risk Management (IRM) Team.

Purpose

The Security Operations Manager will be responsible for setting the agenda and managing the majority of the IRM team's first-line information security activities. This will involve managing a small team (3-4 staff initially) and setting objectives, providing management direction and supervision, and for performance management.

Specific activity:

  • Manage all aspects of the Security Operation's Teams activity.
  • Drive forward and manage the Group's identity and access management strategy and standards. This will include design and management of the Group's system authorisation model, access catalogue, access right and role definition, and recertification of access rights. This will require a high degree of business, IS and PGDS engagement, especially when existing systems are changed or new ones introduced.
  • Maintain and enhance the Group's first line security event monitoring and response procedures, ensuring all tasks are completed in a thorough and timely manner. This will involve the daily management of security events reported by the PGDS Security Operations Centre.
  • Provide an effective first line security support, advice and referral service for the PGDS IT Service Desk, IT departments and business staff and management.
  • In accordance with relevant subject matter experts, define and document security procedures and configurations and then monitor, manage and review exceptions.
  • Be the focal point for security investigations and forensic investigations, utilising subject matters experts where appropriate. Handle the engagement with management, HR, Legal and Group Functions as required.
  • Facilitate, support or lead security projects, improvements and proof of concepts, drawing in relevant subject matter experts and business users as required.
  • Manage operational aspects of information security activities and provide a support and administrative service for the IRM team. This includes completion of existing activities such as staff training programmes and management of the Group's customer data driving licence programme, but it will also involve developing new procedures and processes.
  • Developing and producing operational security MI and presenting this to management.
  • Contribute to other IRM activities as required.

Experience: The successful candidate is likely to have significant experience in the management of security operations activity. However, candidates with a proven management track record, with strong engagement skills and a background in or understanding of IT will also be considered.

The successful candidate will be expected to add value to business activity by developing and continuing to enhance operational security processes in a pragmatic manner.

M&G is an equal opportunities employer and welcomes applications from a diverse background.

Apply Online