Vice President Enterprise Security (Privileged Access Management)

We are M&G Global Services Private Limited (formerly known as 10FA India Private Limited, and prior to that Prudential Global Services Private Limited). We are a fully owned subsidiary of the M&G plc group of companies, operating as a Global Capability Centre providing a range of value adding services to the Group since 2003. At M&G our purpose is to give everyone real confidence to put their money to work. As an international savings and investments business with roots stretching back more than 170 years, we offer a range of financial products and services through Asset Management, Life and Wealth. All three operating segments work together to deliver attractive financial outcomes for our clients, and superior shareholder returns.

M&G Global Services has rapidly transformed itself into a powerhouse of capability that is playing an important role in M&G plc’s ambition to be the best loved and most successful savings and investments company in the world.

Our diversified service offerings extending from Digital Services (Digital Engineering, AI, Advanced Analytics, RPA, and BI & Insights), Business Transformation, Management Consulting & Strategy, Finance, Actuarial, Quants, Research, Information Technology, Customer Service, Risk & Compliance and Audit provide our people with exciting career growth opportunities. Through our behaviours of telling it like it is, owning it now, and moving it forward together with care and integrity; we are creating an exceptional place to work for exceptional talent.

Primary Key Responsibilities (Top 3-5 KRA)

• CyberArk PAM Technical Leadership: Lead the company's Privileged Access Management (PAM) program, focusing on CyberArk solutions.
• CyberArk System Administration: Oversee the setup, operation, and optimization of CyberArk for managing privileged credentials across the organization.
• Policy Development: Develop and enforce security policies for privileged accounts, aligning with best practices and CyberArk capabilities.
• Risk Mitigation: Implement risk management strategies to address risks linked to privileged access using CyberArk's advanced security features.
• Team Leadership: Lead and mentor a team of PAM professionals with a focus on CyberArk technologies.

Additional Responsibilities:

• Stakeholder Collaboration: Collaborate with Enterprise Security, IT, and Risk Management teams to align solutions with organisational security initiatives.
• Access Control Management: Manage the lifecycle of privileged access within CyberArk, ensuring adherence to the principle of least privilege.
• Compliance & Auditing: Ensure compliance with regulatory frameworks for privileged access controls, providing necessary documentation for audits.
• System Enhancements: Evaluate and implement new modules, features, and upgrades to improve privileged access security.
• Incident Response: Lead responses to privileged access-related incidents, leveraging monitoring for swift containment and resolution.
• Vendor Management: Manage relationships with CyberArk and related vendors for timely support and system upgrades.
• User Training & Awareness: Create training materials and conduct workshops on CyberArk usage, emphasising the security of privileged access.
• Continuous Improvement: Stay updated on product updates, security best practices, and emerging threats to keep the PAM program aligned with the cybersecurity landscape.
• Project Leadership: Oversee PAM-related projects, including integrations of CyberArk with systems like SIEMS, ticketing, and other security solutions.

Knowledge & Skills

• CyberArk Expertise: Deep hands-on experience with CyberArk, including modules such as the Vault, Password Vault Web Access (PVWA), Privileged Session Manager (PSM), Privileged Session Manager Proxy (PSMP), Central Policy Manager (CPM), Application Identity Manager (AIM), Application Access Manager (AAM), and Secure Web Sessions (SWS).
• Security Standards Knowledge: Strong understanding of security frameworks and best practices such as ISF, NIST, and industry compliance requirements (e.g. AAF, SOX).
• Technical Problem-Solving: Ability to troubleshoot and resolve complex issues within the CyberArk environment.
• Leadership & Communication: Excellent leadership abilities with strong communication skills to work with both technical teams and non-technical stakeholders.
• Risk & Compliance: Strong understanding of regulatory requirements and how CyberArk can be used to meet compliance standards.
• Strong understanding of authentication protocols, APIs, and integration patterns.

Experience

• 12+ years of experience in cybersecurity, with at least 4 years focused on managing and administering CyberArk PAM solutions.
• Demonstrated experience implementing and optimising CyberArk in a large enterprise environment.
• Proven leadership experience in managing teams, specifically in cybersecurity or privileged access management roles.
• Experience with auditing and compliance reporting using CyberArk tools.
• Experience with integrating CyberArk with various security technologies such as SIEMS, IAM, and incident response platforms.

Relevant Qualifications

• A degree in Computer Science, Information Security, or a related field. A master’s degree is a plus.
• Professional certifications such as CISSP, CISM, or similar are preferred.
• CyberArk certifications (Defender, Sentry, or Guardian) are highly desirable.

We have a diverse workforce and an inclusive culture at M&G Global Services, regardless of gender, ethnicity, age, sexual orientation, nationality, disability or long term condition, we are looking to attract, promote and retain exceptional people. We also welcome those who take part in military service and those returning from career breaks.