We are not your average financial services firm and our unique culture is just one aspect that makes us stand out from the crowd. We offer a supportive environment that encourages innovation and creativity whilst maintaining a healthy lifestyle balance. You will be joining one of Europe's leading Investment Management firms where you can expect real responsibility and recognition from day one. We are large enough to offer a wide variety of career opportunities, whilst small enough to treat you as an individual and tailor training and development to your specific needs.
An opportunity has arisen for an Information Risk Consultant to join the Information Risk Management Function to make a valuable contribution to the Group's information security and IT risk management programme.
Purpose of the role
In today's world of complex connectivity, rapid advances in technology and increasing use of third party suppliers and cloud solutions, information security has become a high profile and important issue.
You will be providing support to Principal and Senior Information Risk Consultants within the team and helping business leaders balance the risk vs. reward when evaluating cybersecurity risks and mitigations.
Your key responsibilities will be
* Assist with the delivery of the IRM security risk appetite monitoring and controls assessment programme; * Provide input to the review of security risks associated with new and changing applications and services; * Support the delivery of due diligence and ongoing assurance of third party Cloud (SaaS) solutions used by frontline business areas ; * Be the main point of liaison for the business and other areas within the Information Risk team in order to coordinate and advise on compliance with Group Policies and standards.
Who are we looking for?
We are looking for an individual who has experience in an Information Security Role who ideally has a background in performing information security reviews.
You will ideally have a high level understanding of relevant international security or IT control frameworks including - ISO 27001/2: 2013, CSA, NIST and COBIT.
As a successful candidate you will ideally demonstrate the following...
* An understanding of security assessment techniques and frameworks * A desire to learn about new technologies * A positive attitude towards communication within the organisation * The confidence to ask for assistance when necessary * A willingness to ask for feedback and act on it * The ability to act with integrity and take personal responsibility for outcomes
M&G is committed to a diverse and inclusive workplace. Our role as an employer is very simple - to provide the right environment for talented people to do their best work, by respecting, understanding and valuing individual differences.
We welcome applications from individuals who have taken an extended career break, and we are willing to consider flexible working arrangements for all of our roles.