Vice President Enterprise Security (Data Security Engineer)

Company

We have a diverse workforce and an inclusive culture at M&G plc, underpinned by our policies and our employee-led networks who provide networking opportunities, advice and support for the diverse communities our colleagues represent. Regardless of gender, ethnicity, age, sexual orientation, nationality, disability or long term condition, we are looking to attract, promote and retain exceptional people.

Primary Key Responsibilities (Top 3-5 KRA)

· Ownership of the Encryption team Delivery including Encryption Controls, and the PKI environment.

· Develop and deliver on the encryption strategy, ensuring the target operating model is delivered.

· Drive tasks to completion for efforts associated with Data Security and Data Protection projects and initiatives; where needed, lead associated task efforts for small groups.

· Ensure Data Security requirements are embedded within all new architecture and infrastructure, working with Security Architecture, Security Engineering, Project Management, Development teams and third parties to ensure the implementation of the required level of security functionality into all new products and services.

Vice President Enterprise Security (Data Security Engineer)

Experience : 10+ Years

Location : Mumbai

Mandatory skills

• Encryption
• Quantum proof
• Quantum cryptography
• Data security : DLP : Data Loss Prevention
• Automation (RPA , AI , Power BI)
• Various tool : Quails and Tenable Microsoft DLP, Broadcom DLP, etc
• Exposure to migration to new DLP new initiatives , transformation projects
• Azure or Cloud environments, Azure would be an advantage
• Legislation, GDPR
• Documentation, Governance
• Target Organization : Financial organization

Good to have certification

• CISSP
• CISM CCSP

Experience:

• Experienced in working with UK stakeholders.

• 10+ years' experience working with Cybersecurity DLP

  , data classification or incident response (SOC) toolsets – Forcepoint, Proofpoint, Symantec, McAfee solutions for endpoint DLP, CASB, and/or email security gateways.

• 5+ years of Technology experience

  – system administration, application development, system integration, database design/development, etc. with understanding of Boolean logic, Regular Expressions and/or SQL
• In-depth knowledge of PKI principles and practices, including certificate authorities, key management, and digital signatures. Expertise in cryptographic protocols
• Proficiency in implementing and managing PKI infrastructure components such as certificate services, registration authorities, and certificate revocation lists.
• Threat Intelligence administration experience; have used or implemented the above program in some capacity, understanding incident response, analysis, rules, etc.
• Coding/Scripting experience (e.g. Python, Perl, PowerShell).
• Proven experience with creating Regular Expressions.
• Experience in information management skills, analysing the results of audits and reviews (performed by other functions) providing advice on acceptable risk, or risk mitigation strategies including the creation and implementation of controls and standards.
• Experience with data and business requirements gathering/analysis and translation to technology execution.
• Experience with SharePoint, Archer, ServiceNow, and/or Agile - a plus.
• Strong track record for dealing well with ambiguity, prioritizing needs, and delivering measurable results in an agile, fast-paced environment.

Educational Qualification:

• Graduate / Masters in (BE/B.Tech/M.Tech / ME / B.SC ) in Computer Science / Information Technology, MCA or legal related qualification demonstrating significant application of data protection laws and rules.

Knowledge:

• CISSP, CISM, SSCP, Security+, CCSP, ITIL qualified, CISA, CEH, Microsoft DLP, , MDCA certifications or equivalents would be advantageous.
• Knowledge on appropriate information security management and governance standards, e.g. ISO 27001, SoGP, CoBIT, ISF Code of Practice. and/or financial services regulations relating to IT (e.g. AAF, FSA).
• A thorough knowledge and understanding of information risk related legislations e.g. the GDPR , and Computer Misuse Act etc and worldwide equivalents.
• Knowledge of Cryptographic implementations, IRM, AIP, Access control, Security Operations.

Contact : Alagarasan, Krishna : krishna.alagarasan@mandg.com / 9619230917