The Cyber Risk Analyst provides independent second-line oversight of first-line cyber security across M&G plc, supporting the Lead Cyber Risk Consultant
Job Summary
The Cyber Risk Analyst provides independent second-line oversight of first-line cyber security across M&G plc, supporting the Lead Cyber Risk Consultant.
Key responsibilities include assessing control effectiveness, identifying and reporting cyber risks, planning and managing red team programmes, and delivering assurance testing.
M&G offers a valuable pension scheme, generous annual leave, market-leading family policies, and comprehensive health and protection benefits.
Matching Summary
The Cyber Risk Analyst provides independent second-line oversight of first-line cyber security across M&G plc, supporting the Lead Cyber Risk Consultant.
Skills & Requirements
Must-have
Second-line cyber risk oversight
Cybersecurity risk management expertise
Threat intelligence and vulnerability management
Security engineering and architecture
Incident response and analysis
Red Team testing and assurance
Nice-to-have
Pragmatic problem-solver
Curious and analytical mindset
Works well in diverse teams
Flexible working arrangements
Key Requirements
Experience in financial services, consulting, or technology cyber security/risk
Broad cyber security expertise
Understanding of second-line assurance principles
Experience with red teaming, penetration testing, or vulnerability scanning
Knowledge of enterprise security products and Microsoft Azure
Familiarity with CI/CD, DevSecOps, SAST, and Agile
Experience with risk/issue tracking tools and reporting
Ability to produce gap analyses against policies/standards