AVP - Cyber Risk Oversight

We are M&G Global Services Private Limited (formerly known as 10FA India Private Limited, and prior to that Prudential Global Services Private Limited). We are a fully owned subsidiary of the M&G plc group of companies, operating as a Global Capability Centre providing a range of value adding services to the Group since 2003. At M&G our purpose is
to give everyone real confidence to put their money to work.
As an international savings and investments business with roots stretching back more than 170 years, we offer a range of financial products and services through Asset Management, Life and Wealth. All three operating segments work together to deliver attractive financial outcomes for our clients, and superior shareholder returns.

M&G Global Services has rapidly transformed itself into a powerhouse of capability that is playing an important role in M&G plc's ambition to be the best loved and most successful savings and investments company in the world.

Our diversified service offerings extending from Digital Services (Digital Engineering, AI, Advanced Analytics, RPA, and BI & Insights), Business Transformation, Management Consulting & Strategy, Finance, Actuarial, Quants, Research, Information Technology, Customer Service, Risk & Compliance and Audit provide our people with exciting career growth opportunities. Through our behaviours of
telling it like it is, owning it now, and moving it forward together
with
care and integrity;
we are creating an exceptional place to work for exceptional talent.

As oversight consultant specializing in Cyber Security, you will be responsible for assessing the security posture/risk of our organization's on-premise & cloud-based infrastructure and applications. Your primary objective is to identify vulnerabilities, assess risks, and provide recommendations to enhance the security posture of our cloud environment.

Key Responsibilities:

• Develop and maintain high level Cyber Risk policy, embedding relevant Group, regulatory and industry good practice requirements
• Manage the risk appetite statements for technology and digital risks in relation to cyber and provide reporting to the Risk committee of performance against these statements sampling
• Oversee and guide Cyber Risk mitigation projects and controls improvement initiatives. Lead and manage enterprise wide Red/Blue/Purple teaming activities and provide oversight for regulatory testing like CBEST/FCA Audits.
• Assess the effectiveness of processes and internal controls implemented by the first line and infrastructure functions through a programme of a sampling to evaluate their quality and associated documentation, and feedback for action
• Cloud Security Assessment: Oversight of cloud security and services, including AWS, Azure, GCP, or other cloud providers.
• Participate in cyber incident response planning, testing, and execution when invoked to support a real incident
• Participate in the annual programme of deep dive and thematic reviews, leading reviews where these relate to cyber across all business areas and outsourced service providers as may be required
• Assess first line processes and technical analysis of cyber security events and root cause as well as remedial solutions, and provide a second line view on their effectiveness
• Provide advice and guidance on compliance with regulatory requirements that relate to cyber risk and contribute to regulatory enquiries on the same.
• Oversee the identification, assessment, processing, analysis, and reporting of tactical and strategic threat intelligence to assist in decision making and actively thwart emergent and current threats targeting our organisation.

We have a diverse workforce and an inclusive culture at M&G Global Services, regardless of gender, ethnicity, age, sexual orientation, nationality, disability or long term condition, we are looking to attract, promote and retain exceptional people. We also welcome those who take part in military service and those returning from career breaks.