Job Description

We are M&G Global Services Private Limited (formerly known as 10FA India Private Limited, and prior to that Prudential Global Services Private Limited). We are a fully owned subsidiary of the M&G plc group of companies, operating as a Global Capability Centre providing a range of value adding services to the Group since 2003. At M&G our purpose is to give everyone real confidence to put their money to work. As an international savings and investments business with roots stretching back more than 170 years, we offer a range of financial products and services through Asset Management, Life and Wealth. All three operating segments work together to deliver attractive financial outcomes for our clients, and superior shareholder returns.M&G Global Services has rapidly transformed itself into a powerhouse of capability that is playing an important role in M&G plcxe2x80x99s ambition to be the best loved and most successful savings and investments company in the world.Our diversified service offerings extending from Digital Services (Digital Engineering, AI, Advanced Analytics, RPA, and BI & Insights), Business Transformation, Management Consulting & Strategy, Finance, Actuarial, Quants, Research, Information Technology, Customer Service, Risk & Compliance and Audit provide our people with exciting career growth opportunities. Through our behaviours of telling it like it is, owning it now, and moving it forward together with care and integrity; we are creating an exceptional place to work for exceptional talent.Enterprise Security & Privacy is responsible for the provision of an Information Security management service to the business units within M&G. This role supports the delivery of that service in the Vulnerability Management pillar i.e. Consultancy, support and delivery of VM Program throughout lifecycle Infrastructure in M&G businessPrimary Key Responsibilities (Top 3-5 KRA)

• Keep a check on Reporting, Metrics and Power BI Deliverables.
• Implement a comprehensive vulnerability management program, including policies, procedures, and best practices.
• Oversee the scheduling and execution of regular vulnerability assessments and scans across the organization's network, systems, and applications.
• Ensure accurate analysis of vulnerability scan results and prioritize remediation efforts based on risk assessments.
• Collaborate with IT, development, and other teams to ensure timely and effective remediation of identified vulnerabilities.
• Develop and present detailed reports on the status of vulnerabilities, remediation efforts, and risk assessments to various stakeholders.

Additional Responsibilities :

• Stay informed about the latest cybersecurity threats, vulnerabilities, and mitigation techniques, and ensure the team remains up-to-date with industry trends.
• Coordinate with incident response teams during security incidents, providing expertise on vulnerability exploitation and mitigation.
• Support regular security reviews and audits to ensure compliance with internal policies, external regulations, and industry standards.
• Establish and maintain relationships with internal stakeholders to ensure compliance and remediation of vulnerabilities.

Knowledge:

• Bachelorxe2x80x99s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Proven experience in a vulnerability management.
• Strong understanding of common vulnerabilities and exposure (CVE) and common vulnerability scoring system (CVSS).
• Proficiency with vulnerability management tools (e.g., Nessus, Qualys, Rapid7).
• Knowledge of security frameworks and standards (e.g., NIST, ISF, CIS).
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• Ability to work independently and as part of a team.
• Relevant certifications (e.g., CISSP, CISM, CEH) are a plus.

Skills:

• Excellent analytical and multi-tasking skills.
• Able to look at and understand processes and infrastructure.
• Good understanding in information security methodologies, frameworks and tools
• Have the ability to drive initiatives through cross functional teams and drive alignment with key stakeholder
• Ability to build relationships at all levels in the business.
• Ability to present reports in meetings.
• Ability to understand organisational culture and use this knowledge to gain commitment and get work done.
• Ability to provide support to and accept direction from colleagues in other areas.
• Remain effective in situations when responsibilities, tasks, priorities and / or work environment change significantly.
• Ability to assess multiple options (including consequences) in parallel, while working on possible solutions.
• Ability to work with limited supervision, seeking guidance where appropriate.
• Confident communicator, able to get the message across clearly and concisely via appropriate channels, whether verbal or written.

Experience:

• 6+ years experience of working or studying in at least one of the following areas: IT / information security / risk management / Vulnerability Management
• Experienced in working with UK stakeholders.

Educational Qualification:

• Graduate in any discipline.

We have a diverse workforce and an inclusive culture at M&G Global Services, regardless of gender, ethnicity, age, sexual orientation, nationality, disability or long term condition, we are looking to attract, promote and retain exceptional people. We also welcome those who take part in military service and those returning from career breaks.

M&G