Manager- Supply Chain Security

Role Overview: M&G Global Services Private Limited, a subsidiary of M&G plc, is a Global Capability Centre offering a wide range of services to the group. Your role at M&G involves assessing and reporting on information security general controls, monitoring remedial activities, demonstrating a positive risk and control culture, ensuring regulatory compliance, and assisting with reporting on technology and information security control effectiveness. Key Responsibilities: - Assess and report the effectiveness of information security general controls throughout the supplier lifecycle with M&G. - Track, monitor, and report on remedial activities arising from supplier information security due diligence activity. - Demonstrate a positive risk and control culture through the active identification, assessment, monitoring, and management of risks and controls. - Ensure adherence to all external regulatory, legal, and industry obligations. - Assist with reporting of technology and information security control effectiveness and policy compliance levels. Additional Details of the Company: M&G Global Services offers diversified service offerings including Digital Services, Business Transformation, Management Consulting & Strategy, Finance, Actuarial, Quants, Research, Information Technology, Customer Service, Risk & Compliance, and Audit. The company values behaviours such as telling it like it is, owning it now, and moving it forward together with care and integrity. Qualification Required: - Prefer SSCP, CISA, CISM, ITIL qualified individual. - Working knowledge of financial services regulatory and legislative frameworks. - Working knowledge of information security regulations and legislation. - Desirable to have working knowledge of industry best practices, information security management, and governance standards. - Understanding of key information security risks and ability to develop mitigation options. Key Stakeholder Management: Internal stakeholders include Head of Supply Chain Security, Enterprise Security & Privacy, Technology teams, First line GRC, Risk & IA, Business Unit Representatives, Procurement & Third Party Risk team, and Privacy team. External stakeholders include External Suppliers, Data Protection and Information Security industry bodies, members, and auditors. Skills Required: - Good analytical and multi-tasking skills. - Ability to understand processes and infrastructure. - Strong understanding of information security methodologies, frameworks, and tools. - Excellent people management and communication skills. - Ability to work effectively in changing environments with limited supervision. Experience: - 4+ years of experience in IT/information security/risk management/audit/assurance/business continuity/supplier management. - Experience in working with UK stakeholders. Educational Qualification: - Graduate in any discipline.,