AVP - Cyber Risk Oversight

You will be working at M&G Global Services Private Limited, a subsidiary of the M&G plc group of companies, that provides a range of services to the Group since 2003. M&G aims to give real confidence to individuals to invest their money. The company, with a history of over 170 years, offers financial products and services through Asset Management, Life, and Wealth segments, ensuring financial success for clients and shareholders alike. M&G Global Services is rapidly growing and playing a crucial role in M&G plc's ambition to become a leading global savings and investments company. The company offers diverse services including Digital Services, Business Transformation, Management Consulting & Strategy, Finance, Actuarial, Quants, Research, Information Technology, Customer Service, Risk & Compliance, and Audit, providing employees with excellent career growth opportunities. As an oversight consultant specializing in Cyber Security, your role involves assessing the security posture and risks of the organization's on-premise and cloud-based infrastructure and applications. Your main goal is to identify vulnerabilities, evaluate risks, and offer recommendations to enhance the security of the cloud environment. Key Responsibilities: - Develop and maintain a high-level Cyber Risk policy, incorporating relevant Group, regulatory, and industry best practices - Manage the risk appetite statements for technology and digital risks related to cyber, and report performance against these statements to the Risk committee - Lead Cyber Risk mitigation projects and controls improvement initiatives, as well as enterprise-wide Red/Blue/Purple teaming activities and regulatory testing - Evaluate the effectiveness of processes and internal controls through sampling, providing feedback for improvement - Oversee cloud security assessment for services like AWS, Azure, GCP, and other cloud providers - Participate in cyber incident response planning, testing, and execution during real incidents - Lead deep dive and thematic reviews related to cyber across all business areas and outsourced service providers - Analyze cyber security events, root causes, and remedial solutions, providing a second-line view on their effectiveness - Offer guidance on compliance with regulatory requirements related to cyber risk and contribute to regulatory inquiries - Supervise the identification, assessment, processing, and reporting of tactical and strategic threat intelligence to counter threats targeting the organization efficiently.,