Enterprise Security Engineer - (Fixed Term Contract)

Our purpose is to give everyone real confidence to put their money to work. With a heritage dating back more than 175 years, we have a long history of innovation in savings and investments, combining asset management and insurance expertise to offer a wide range of solutions. Our two distinct operating segments, Asset Management and Life, work together to provide access to balanced, long-term investment and savings solutions. Through telling it like it is, owning it now, and moving it forward together with care and integrity; we are creating an exceptional place to work for exceptional talent. We will consider flexible working arrangements for any of our roles and also offer workplace accommodations to ensure you have what you need to effectively deliver in your role.

The Role

Our Life & Technology business unit is facilitating business growth by launching a variety of new applications and undergoing a strategic journey of digitizing our services with an organization-wide migration to the cloud. The function of this role is to collaborate across the business to initiate, design and manage strategic change for M&G in a holistic manner. The function will also focus on providing affordable and reliable technology solutions and services that will be at the heart of our M&G business success. Our Security Operations team are looking for highly motivated Enterprise Security Engineer with strong technical skills, problem-solving abilities, deep customer affinity and strong communication skills.

Key Responsibilities

• Application Security reviews. Work with Security SDLC Tooling and key teams within Security Operations to ensure secure delivery of 3rd parties libraries and application container images.
• Investigate and analyse suspected vulnerabilities and weak security controls while working across the various facets of the business unit.
• Quantify and articulate security risk into business risk to inform key stakeholders of security findings.
• Work closely with security operations teams on any reported or suspected vulnerability, emerging threats, incidents and improving continuous development tooling.
• Security metrics delivery and improvements.
• Automating Continuous Improvement and Continuous Development processes to include security by design.
• Develop and maintain key relationships with key stakeholders across the business unit and the various technology areas.

You will have:

• BS in Computer Science or related field, or equivalent work experience.
• Minimum of 2 years of experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security.
• Minimum of 2 years of experience with security engineering, system and network security, authentication and security protocols, cryptography, or application security.
• A deep understanding of Windows and Linux systems hardening, containerization, and cloud security controls.
• Experience of cloud and container technologies and solutions (particularly Microsoft Azure, Red Hat Openshift Container Platform/Kubernetes) and other SaaS/PaaS technologies.
• Experience of integrating security tooling within deployment pipelines.
• Experience of operating in agile working practices and exposure to Atlassian products (Jira and Confluence), Azure DevOps, Github.
• Exposure to continuous integration, continuous development related systems and techniques (e.g. Azure DevOps (VSTS) / Jenkins).
• Experience with or exposure to compliances (FedRAMP, SOC-2, PCI, ISO 27K, GDPR).
• Excellent verbal and written interpersonal skills, a phenomenal teammate with strong analytical, problem solving, debugging and troubleshooting skills.
• Demonstrate talent in technologies such as Java, Python, Powershell, Bash, Terraform, Azure ARM Infrastructure and KQL (for Azure Log Analytics queries).
• An ability to drive decisions and be hands-on.

What we offer:

• As a savings and Investments firm we are proud to offer a valuable pension scheme of 18%, with 13% made up of Employer Contributions and 5% Employee Contributions.
• Enjoy 38 days annual leave including bank holidays, with the opportunity to purchase up to 5 extra days and additional flexibility through our Time Off When You Need It policy.
• Our market leading Inspiring Families policy includes comprehensive support and paid parental leave covering maternity, adoption, surrogacy, and paternity leave.
• Health & Protection cover including Private Healthcare, Critical Illness cover and Life Assurance for you, with family options.

We have a diverse workforce and an inclusive culture at M&G, underpinned by our policies and our employee-led networks who provide networking opportunities, advice and support for the diverse communities our colleagues represent. Regardless of gender, ethnicity, age, sexual orientation, nationality, disability or long term condition, we are looking to attract, promote and retain exceptional people. We also welcome those who take part in military service and those returning from career breaks. M&G is also proud to be a Disability Confident Leader, and we welcome applications from candidates with long-term health conditions, disabilities, or neuro-divergent conditions.