At a Glance
- Tasks: Join our team to enhance security in application development and manage strategic changes.
- Company: M&G is a leading international savings and investments business with over 170 years of experience.
- Benefits: Enjoy flexible working arrangements and workplace accommodations tailored to your needs.
- Why this job: Be part of a dynamic team driving digital transformation and making a real impact in security.
- Qualifications: You need a BS in Computer Science or equivalent, plus 2 years of relevant experience.
- Other info: We celebrate diversity and welcome applications from all backgrounds, including those with disabilities.
The predicted salary is between 43200 - 72000 £ per year.
At M&G our purpose is to give everyone real confidence to put their money to work. As an international savings and investments business with roots stretching back more than 170 years, we offer a range of financial products and services through Asset Management, Life and Wealth. All three operating segments work together to deliver attractive financial outcomes for our clients, and superior shareholder returns. Through our behaviours of telling it like it is, owning it now, and moving it forward together with care and integrity; we are creating an exceptional place to work for exceptional talent. We will consider flexible working arrangements for any of our roles and also offer workplace accommodations to ensure you have what you need to effectively deliver in your role.
The Role
Our Life & Technology business unit is facilitating business growth by launching a variety of new applications and undergoing a strategic journey of digitizing our services with an organization-wide migration to the cloud. The function of this role is to collaborate across the business to initiate, design and manage strategic change for M&G in a holistic manner. The function will also focus on providing affordable and reliable technology solutions and services that will be at the heart of our M&G business success.
Our Security Operations team are looking for highly motivated Enterprise Security Engineer with strong technical skills, problem-solving abilities, deep customer affinity and strong communication skills.
Key Responsibilities
- Application Security reviews.
- Work with Security SDLC Tooling and key teams within Security Operations to ensure secure delivery of 3rd parties libraries and application container images.
- Investigate and analyse suspected vulnerabilities and weak security controls while working across the various facets of the business unit.
- Quantify and articulate security risk into business risk to inform key stakeholders of security findings.
- Work closely with security operations teams on any reported or suspected vulnerability, emerging threats, incidents and improving continuous development tooling.
- Security metrics delivery and improvements.
- Automating Continuous Improvement and Continuous Development processes to include security by design.
- Develop and maintain key relationships with key stakeholders across the business unit and the various technology areas.
You will have:
- BS in Computer Science or related field, or equivalent work experience.
- Minimum of 2 years of experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security.
- Minimum of 2 years of experience with security engineering, system and network security, authentication and security protocols, cryptography, or application security.
- A deep understanding of Windows and Linux systems hardening, containerization, and cloud security controls.
- Experience of cloud and container technologies and solutions (particularly Microsoft Azure, Red Hat Openshift Container Platform/Kubernetes) and other SaaS/PaaS technologies.
- Experience of integrating security tooling within deployment pipelines.
- Experience of operating in agile working practices and exposure to Atlassian products (Jira and Confluence), Azure DevOps, Github.
- Exposure to continuous integration, continuous development related systems and techniques (e.g. Azure DevOps (VSTS) / Jenkins).
- Experience with or exposure to compliances (FedRAMP, SOC-2, PCI, ISO 27K, GDPR).
- Excellent verbal and written interpersonal skills, a phenomenal teammate with strong analytical, problem-solving, debugging and troubleshooting skills.
- Demonstrate talent in technologies such as Java, Python, Powershell, Bash, Terraform, Azure ARM Infrastructure and KQL (for Azure Log Analytics queries).
- An ability to drive decisions and be hands-on.
We have a diverse workforce and an inclusive culture at M&G plc, underpinned by our policies and our employee-led networks who provide networking opportunities, advice and support for the diverse communities our colleagues represent. Regardless of gender, ethnicity, age, sexual orientation, nationality, disability or long-term condition, we are looking to attract, promote and retain exceptional people. We also welcome those who take part in military service and those returning from career breaks.
M&G is also proud to be a Disability Confident Leader, and we welcome applications from candidates with long-term health conditions, disabilities, or neuro-divergent conditions. Being a Disability Confident Leader means that candidates who meet the minimum criteria of a job will be offered an interview if they 'opt in' to the scheme when applying. If you need assistance or an alternative means of applying for a role due to a disability or additional need, please let us know by contacting us at: careers@mandg.com
Enterprise Security Engineer employer: M&G plc
Contact Detail:
M&G plc Recruiting Team
careers@mandg.com
StudySmarter Expert Advice 🤫
We think this is how you could land Enterprise Security Engineer
✨Tip Number 1
Familiarise yourself with M&G's core values and mission. Understanding their commitment to integrity and collaboration will help you align your responses during interviews, showcasing how you embody these principles.
✨Tip Number 2
Highlight your experience with cloud security and container technologies, especially Microsoft Azure and Kubernetes. Be prepared to discuss specific projects where you've successfully implemented security measures in these environments.
✨Tip Number 3
Demonstrate your problem-solving skills by preparing examples of how you've tackled security vulnerabilities in the past. Use the STAR method (Situation, Task, Action, Result) to structure your responses effectively.
✨Tip Number 4
Network with current or former employees of M&G on platforms like LinkedIn. Engaging with them can provide insights into the company culture and expectations, which can be invaluable during your application process.
We think you need these skills to ace Enterprise Security Engineer
Some tips for your application 🫡
Understand the Role: Before you start writing your application, make sure you fully understand the responsibilities and requirements of the Enterprise Security Engineer position. Tailor your application to highlight how your skills and experiences align with the key responsibilities mentioned in the job description.
Highlight Relevant Experience: Focus on showcasing your experience with security engineering, system and network security, and any relevant technologies like Microsoft Azure or Kubernetes. Use specific examples from your past work to demonstrate your expertise in these areas.
Showcase Soft Skills: In addition to technical skills, M&G values strong communication and problem-solving abilities. Make sure to include examples that illustrate your interpersonal skills and your ability to work collaboratively within a team.
Tailor Your CV and Cover Letter: Customise your CV and cover letter for this specific role. Use keywords from the job description and ensure that your documents reflect your understanding of M&G's mission and values, particularly their focus on integrity and collaboration.
How to prepare for a job interview at M&G plc
✨Understand the Role
Make sure you have a solid grasp of what an Enterprise Security Engineer does. Familiarise yourself with key responsibilities like application security reviews and vulnerability analysis, as well as the technologies mentioned in the job description.
✨Showcase Your Technical Skills
Be prepared to discuss your experience with security engineering, cloud technologies, and coding languages such as Java or Python. Highlight specific projects where you've successfully implemented security measures or resolved vulnerabilities.
✨Communicate Effectively
Strong communication skills are essential for this role. Practice articulating complex security concepts in simple terms, as you'll need to convey security risks to stakeholders who may not have a technical background.
✨Demonstrate Problem-Solving Abilities
Prepare examples of how you've tackled security challenges in the past. Discuss your approach to threat modelling, incident response, and continuous improvement processes to show that you're proactive and solution-oriented.