Security Operations Analyst

M&G Investments

We are not your average financial services firm and our unique culture is just one aspect that makes us stand out from the crowd. We offer a supportive environment that encourages innovation and creativity whilst maintaining a healthy lifestyle balance. You will be joining one of Europe's leading Investment Management firms where you can expect real responsibility and recognition from day one. We are large enough to offer a wide variety of career opportunities, whilst small enough to treat you as an individual and tailor training and development to your specific needs.

The Opportunity

We are looking to recruit a Security Operations Analyst to join the Information Risk Management Team.

You will be within the Security Operations Team undertaking important security work designed to safeguard our information systems including: identifying and solving security problems, undertaking security assessments, monitoring and managing staff access to our in-house and cloud based system systems.

Your key responsibilities will be...

Identity and Access Management

* Operate controls and monitoring in respect of the Group's identity and management arrangements, in accordance with policy.
* Monitor data quality and conduct cleansing exercises to ensure that IAMs control structures (Approval Model, Information Ownership, System Classification )remain in place
* Provide input to the development of IAMs technology and process improvements.
* Develop and maintain procedures for all IAMS related tasks
* Respond to business queries related to IAMs to ensure that existing controls are followed / maintained.
* Assist with the development of role based access, engaging the business as required.
* Maintain the IAMS Access Catalogue, ensuring that access levels are correctly defined and helpful to the business.
* Participate in the on boarding of new applications to ensure that they are correctly classified, tagged, and have appropriate security controls in place.

Security Monitoring

* Undertake security monitoring and investigations, identify and report exceptions. Ensure that monitoring is undertaken in accordance with the as the Recertification plan.
* Analyse the findings from Data Loss Prevention (DLP) scans to identify policy violations and take remedial action
* Monitor and review exceptions to standards and policies to ensure that the principle of least privilege is applied, and that this access is removed if no longer required.
* Operate the Group's system user access recertification, ensuring that appropriate escalation occurs where this is not completed or where it identifies trends in incorrect access

Security Project Work

* Undertake security project work as required by the Security Operations and Information Risk Manager.
* Assist with the creation of business support documentation and staff training. Contribute to user focus groups as required.

What we are looking for...

We are ideally looking for you to have a relevant information risk or security qualification (e.g. CISA, CISSP, SSCP) or is prepared to study to achieve this.

You will be able to work independently and as part of a team with good communication. Attention to detail is key and you will need to have an analytical approach to work with excellent data analysis and excel skills.

It is important for you to be self- motivated, able to multi task and complete work within agreed deadlines.

As well as strong relationship management skills with personnel at all levels, it is essential to have an understanding of the opportunities and security risks associated with people, technology and processes.

M&G is committed to a diverse and inclusive workplace. Our role as an employer is very simple - to provide the right environment for talented people to do their best work, by respecting, understanding and valuing individual differences.

We welcome applications from individuals who have taken an extended career break, and we are willing to consider flexible working arrangements for all of our roles.