Enterprise Security Engineer

M&G

  • Edinburgh
  • Permanent
  • Full-time
  • 6 days ago
At M&G our purpose is to give everyone real confidence to put their money to work. As an international savings and investments business with roots stretching back more than 170 years, we offer a range of financial products and services through Asset Management, Life and Wealth. All three operating segments work together to deliver attractive financial outcomes for our clients, and superior shareholder returns.Through our behaviours of telling it like it is, owning it now, and moving it forward together with care and integrity; we are creating an exceptional place to work for exceptional talent.We will consider flexible working arrangements for any of our roles and also offer work place accommodations to ensure you have what you need to effectively deliver in your role.The RoleOur Life & Technology business unit is facilitating business growth by launching a variety of new applications and undergoing a strategic journey of digitizing our services with an organization-wide migration to the cloud. The function of this role is collaborate across the business to initiate, design and manage strategic change for M&G in a holistic manner. The function will also focus on providing an affordable and reliable technology solutions and services that will very much be at the heart of our M&G business success.Our Security Operations team are looking for highly motivated Enterprise Security Engineer with strong technical skills, problem solving abilities, deep customer affinity and strong communication skills.Key Responsibilities
  • Application Security reviews. Work with Security SDLC Tooling and key teams within Security Operations to ensure secure delivery of 3rd parties libraries and application container images
  • Investigate and analyse suspected vulnerabilities and weak security controls while working across the various facets of the business unit
  • Quantify and articulate security risk into business risk to inform key stakeholders of security findings
  • Work closely with security operations teams on any reported or suspected vulnerability, emerging threats, incidents and improving continuous development tooling
  • Security metrics delivery and improvements
  • Automating Continuous Improvement and Continuous Development processes to include security by design
  • Develop and maintain key relationships with key stakeholders across the business unit and the the various technology areas
You will have:
  • BS in Computer Science or related field, or equivalent work experience
  • Minimum of 2 years of experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security.
  • Minimum of 2 years of experience with security engineering, system and network security, authentication and security protocols, cryptography, or application security.
  • A deep understanding of Windows and Linux systems hardening, containerization, and cloud security controls.
  • Experience of cloud and container technologies and solutions (particularly Microsoft Azure, Red Hat Openshift Container Platform/Kubernetes) and other SaaS/PaaS technologies.
  • Experience of integrating security tooling within deployment pipelines
  • Experience of operating in agile working practices and exposure to Atlassian products (Jira and Confluence), Azure DevOps, Github
  • Exposure to continuous integration. continuous development related systems and techniques (e.g. Azure DevOps (VSTS) / Jenkins)
  • Experience with or exposure to compliances (FedRAMP, SOC-2, PCI, ISO 27K, GDPR)
  • Excellent verbal and written interpersonal skills, a phenomenal teammate with strong analytical, problem solving, debugging and troubleshooting skills.
  • Demonstrate talent in technologies such as Java, Python, Powershell, Bash, Terraform, Azure ARM Infrastructure and KQL (for Azure Log Analytics queries)
  • An ability to drive decisions and be hands on
We have a diverse workforce and an inclusive culture at M&G plc, underpinned by our policies and our employee-led networks who provide networking opportunities, advice and support for the diverse communities our colleagues represent. Regardless of gender, ethnicity, age, sexual orientation, nationality, disability or long term condition, we are looking to attract, promote and retain exceptional people. We also welcome those who take part in military service and those returning from career breaks.M&G is also proud to be a , and we welcome applications from candidates with long-term health conditions, disabilities, or neuro-divergent conditions. Being a Disability Confident Leader means that candidates who meet the minimum criteria of a job, will be offered an interview if they 'opt in' to the scheme when applying.If you need assistance or an alternative means of applying for a role due to a disability or additional need, please let us know by contacting us at:

M&G