Enterprise Security Engineer

Enterprise Security Engineer - (Fixed Term Contract)

You will need to login before you can apply for a job.

View more categories View less categories Sector Technology Role Professional Contract Type Permanent Hours Full Time

Our purpose is to give everyone real confidence to put their money to work. With a heritage dating back more than 175 years, we have a long history of innovation in savings and investments, combining asset management and insurance expertise to offer a wide range of solutions. Our two distinct operating segments, Asset Management and Life, work together to provide access to balanced, long-term investment and savings solutions.

Through telling it like it is, owning it now, and moving it forward together with care and integrity; we are creating an exceptional place to work for exceptional talent. We will consider flexible working arrangements for any of our roles and also offer work place accommodations to ensure you have what you need to effectively deliver in your role.

The Role

Our Life & Technology business unit is facilitating business growth by launching a variety of new applications and undergoing a strategic journey of digitizing our services with an organization-wide migration to the cloud. The function of this role is collaborate across the business to initiate, design and manage strategic change for M&G in a holistic manner. The function will also focus on providing an affordable and reliable technology solutions and services that will very much be at the heart of our M&G business success.

Our Security Operations team are looking for highly motivated Enterprise Security Engineer with strong technical skills, problem solving abilities, deep customer affinity and strong communication skills.

Key Responsibilities

• Application Security reviews. Work with Security SDLC Tooling and key teams within Security Operations to ensure secure delivery of 3rd parties libraries and application container images
• Investigate and analyse suspected vulnerabilities and weak security controls while working across the various facets of the business unit
• Quantify and articulate security risk into business risk to inform key stakeholders of security findings
• Work closely with security operations teams on any reported or suspected vulnerability, emerging threats, incidents and improving continuous development tooling
• Security metrics delivery and improvements
• Automating Continuous Improvement and Continuous Development processes to include security by design
• Develop and maintain key relationships with key stakeholders across the business unit and the the various technology areas

You will have:

• BS in Computer Science or related field, or equivalent work experience
• Minimum of 2 years of experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security.
• Minimum of 2 years of experience with security engineering, system and network security, authentication and security protocols, cryptography, or application security.
• A deep understanding of Windows and Linux systems hardening, containerization, and cloud security controls.
• Experience of cloud and container technologies and solutions (particularly Microsoft Azure, Red Hat Openshift Container Platform/Kubernetes) and other SaaS/PaaS technologies.
• Experience of integrating security tooling within deployment pipelines
• Experience of operating in agile working practices and exposure to Atlassian products (Jira and Confluence), Azure Dev Ops, Github
• Exposure to continuous integration. continuous development related systems and techniques (e.g. Azure Dev Ops (VSTS) / Jenkins)
• Experience with or exposure to compliances (FedRAMP, SOC-2, PCI, ISO 27K, GDPR)
• Excellent verbal and written interpersonal skills, a phenomenal teammate with strong analytical, problem solving, debugging and troubleshooting skills.
• Demonstrate talent in technologies such as Java, Python, Powershell, Bash, Terraform, Azure ARM Infrastructure and KQL (for Azure Log Analytics queries)
• An ability to drive decisions and be hands on

What we offer:

• As a savings and Investments firm we are proud to offer a valuable pension scheme of 18%,
  with 13% made up of Employer Contributions and 5% Employee Contributions
  .We also offer Share Save and our Share Incentive Plan
  , together with access to financial wellbeing and support services - to help give you real confidence to put your money to work.
• Enjoy 38 days annual leave including bank holidays, with the opportunity to purchase up to 5 extra days and additional flexibility through our Time Off When You Need It policy - to balance your work and personal commitments.
• Our market leading Inspiring Families policy includes comprehensive support and paid parental leave covering maternity, adoption, surrogacy, and paternity leave - as supporting families is a core aspect of our inclusive culture.
• Health & Protection cover including Private Healthcare
  , Critical…