Senior Manager Enterprise Security (Supply Chain Security)

Benefits

Additional Information

About M&G India We are M&G India, the strategic innovation and digital hub for M&G. Established in 2003, we have offices in Mumbai and Pune. Our teams work closely with colleagues across the Group worldwide to drive transformation, build digital capability, and support sustainable growth. By leveraging technology, AI, automation, and process excellence, we bring new ways of thinking to improve outcomes for both customers and colleagues. Grounded in a vibrant culture with strong foundations, we are central to how M&G is transforming as a business. About M&G Our purpose is to give everyone real confidence to put their money to work. With a heritage dating back more than 175 years, we have a long history of innovation in savings and investments, combining asset management and insurance expertise to offer a wide range of solutions. Our two distinct operating segments, Asset Management and Life, work together to provide access to balanced, long-term investment and savings solutions. Through telling it like it is, owning it now, and moving it forward together with care and integrity; we are creating an exceptional place to work for exceptional talent. Primary Key Responsibilities (Top 3-5 KRA) For technical specialists, accountable for delivering expert advice or service, using specialist knowledge and subject matter expertise. Systematic assessment of Supply Chain Security Risk in the business and development of appropriate strategies to manage this risk. Ensuring that existing Enterprise Security Policy, Standards Process and Guidelines are consistently embedded and communicated across the business units, ensuring appropriate alignment with business need and providing effective and proactive mitigation of related risks to M&G. Provision of specialist consultancy and advice on Supply Chain Security management to managers, project teams and infrastructure delivery teams (including provision of guidance on conformance with the legal aspects of information processing, e.g. GDPR, Computer Misuse Act etc). Ensuring supply Chain Security requirements are embedded within all new architecture and infrastructure, working with Security Architecture, Project Management, Development teams and third parties to ensure the implementation of the required level of security functionality into all new products and services. Additional Responsibilities : Evaluation of Enterprise Security & Privacy tools, products and solutions, and contributing to the decision process for their purchase and use. To support development, definition and operation of controls to manage information security risks. Development of new ideas to contribute to the continued success of the department and the services provided. Providing specialist advice and guidance to managers, project teams, infrastructure delivery team and Enterprise Security & Privacy peers. To work with internal and external teams to ensure that appropriate levels of security functionality are in place. To identify, analyse and mitigate the risks inherent in working with other organizations as part of a Supply Chain Security. Ensure Enterprise Security & Privacy internal and external audits are effectively communicated and subsequent remedial activities are followed through to agreed actions Assist in management of security incidents relating to Supply Chain. Moderate the annual review and update of information security related policies and processes. Stay up-to-date on information technology trends and security standards. Conduct trainings to educate and develop security awareness in the workforce on information security Provide guidance on associated regulations & legislations. Research & assess information security vulnerabilities. Acting as an ambassador for Enterprise Security Management. Compliance - To ensure that you understand and adhere to M&G's Code of Conduct and, where appropriate, comply with all relevant regulatory policies. This includes completion of any mandatory training requirements. To demonstrate a positive risk, compliance and control culture through the identification, assessment, monitoring and management of risks and issues within the business area, alongside ensuring timely and appropriate resolution of control weaknesses, actions and failures that arise. Key Stakeholder Management Internal Head of Supply Chain Security CISO Leadership Team (Senior Management Team) Technology teams First line GRC Risk and IA Business Unit Representatives for all Business Areas Procurement & Third Party Risk team Privacy team External External Supplier Data Protection and Information Security industry bodies and members and auditors. Knowledge, Skills, Experience & Educational Qualification Knowledge: Qualifications such as CISSP, CISA, CISM Lead Auditor of equivalents would be advantageous Working knowledge of financial services regulatory and legislative frameworks. Working knowledge of Information Security regulations and legislation. It is desirable to have workin

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at mgpru? Share your experience