• Competitive
  • Édimbourg, Ecosse, Royaume-Uni
  • CDI, Plein-temps
  • M&G Prudential
  • 2019-05-26

Enterprise Security Engineer - Core Policy & Document Systems

  • Plein-temps
  • Édimbourg, Ecosse, Royaume-Uni
  • 26 mai 19

Enterprise Security Engineer - Core Policy & Document Systems

Enterprise Security Engineers

Edinburgh, Reading

Working with M&GPrudential as a Security Engineer means becoming part of a brand with a global reputation and an exciting vision: to become the best loved and most successful savings & investments business.

The forthcoming planned de-merger of M&GPrudential from the Prudential Group PLC provides a terrific opportunity to create a truly international and integrated savings and investments firm. A firm built on a rich and long history and with a commitment to an innovative future centred on the needs of customers and clients. There is a genuine opportunity to drive competitive advantage with value creation through the formation of this new organisation.

If you're inspired to join us, and have the necessary qualities, then this could be the opportunity you've been looking for.

The Role:

An exciting opportunity has arisen for a number of Enterprise Security Engineers to join our Transformation and Innovation Team.

The Transformation & Innovation team joins up our capabilities, processes and governance across Change and IT to provide both a strategic capability plus a leading edge technology footprint to support the transformation of M&GPrudential and delivery of our Vision for 2020 and beyond. The role of the function is to collaborate across the business to initiate, design and manage strategic change for M&GPrudential in a holistic manner. The function will also focus on providing affordable and reliable technology solutions and services that will very much be at the heart of Prudential's business success.

Our Platform teams, are looking for highly motivated Enterprise Security engineers with strong technical skills, problem solving abilities, deep customer affinity and strong communications skills to join our Platform operations teams.

Key Responsibilities:

  • Application security reviews. Run regular secure coding and design reviews for developers
  • Penetration testing and platform security reviews for feature teams and developers
  • Projects and research work as needed, including development of security automation capabilities in the cloud and on premise environments as part of a "DevSecOps" mentality
  • Security training and outreach to internal development teams
  • Security guidance documentation
  • Work closely with security operations teams on any reported or suspected vulnerability, emerging threats, incidents and improving continuous deployment tooling.
  • Security tool development to operate cyber security across IT, Networks and Desktop environments
  • Security metrics delivery and improvements
  • Automating Continuous Improvement and Continuous Development processes to include security by design
  • Interface with QA teams by implementing automated security unit and functional tests

You will have:
  • BS in Computer Science or related field, or equivalent work experience.
  • Minimum of 2 years of experience with any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security.
  • Minimum of 2 years of experience with security engineering, system and network security, authentication and security protocols, cryptography, or application security.
  • Experience as a security consultant in pension based and/or financial systems preferred
  • A deep understanding of Linux systems hardening, containerization, and cloud security controls
  • Experience of container technologies and solutions such as Microsoft Azure, Kubernetes and other similar cloud computing technologies
  • Strong understanding of SSL certificate management, PKI, CA and their use
  • Experience with or exposure to compliances (FedRAMP, SOC-2, PCI, ISO 27k, GDPR)
  • Excellent verbal and written interpersonal skills, a phenomenal teammate with strong analytical, problem solving, debugging and troubleshooting skills
  • Experience of container technologies and solutions such as Microsoft Azure, Kubernetes and other similar cloud computing technologies
  • Demonstrable talent in coding technologies such as Java, Python, PHP
  • Experience of operating in agile working practices and exposure to Atlassian, Github, Jira and Confluence
  • Exposure to continuous integration/ continuous development related systems and techniques (e.g. Jenkins)
  • The ability to drive decisions and be hands on.

People who work at M&GPrudential agree that ours is a great place to work with a brilliant team spirit. It's also an innovative, high-performing, commercial environment that's totally focused on customers. As an M&G Prudential colleague you'll get all the support you'd expect, including full training and professional development. You'll receive a competitive salary and reward package. And in a fast-changing world, you'll join an organisation that's leading the way in helping customers achieve their long-term financial goals.

M&GPrudential is committed to a diverse and inclusive workplace. Our role as an employer is very simple - to provide the right environment for talented people to do their best work, by respecting, understanding and valuing individual differences.

We welcome applications from individuals who have taken an extended career break, and we are willing to consider flexible working arrangements for all of our roles.

Recruiter: Beth Eckersley
Location: Edinburgh or Reading