Security Enablement

Prudential’s purpose is to be partners for every life and protectors for every future. Our purpose encourages everything we do by creating a culture in which diversity is celebrated and inclusion assured, for our people, customers, and partners. We provide a platform for our people to do their best work and make an impact to the business, and we support our people’s career ambitions. We pledge to make Prudential a place where you can Connect, Grow, and Succeed.

The Security Enablement Manager is a pivotal role in Group Information Security & Privacy responsible for (i) centrally leading Information Security & Privacy initiatives across group entities by centralizing efforts to build consistency and alignment with the GISP strategic roadmap (ii) Partnering with BISO teams to focus on convergence, harmonization and levelling the maturity InfoSec & Privacy practices and initiatives across the Group (iii) centrally building data-driven insights to safeguard the organisation against cyber threats, as well as demonstrate value realization of InfoSec and Privacy initiatives.

Essential Job Duties & Responsibilities:

- Security Enablement (Delivery)
- Serve as an enabler to champion the delivery of the GISP strategic roadmap, including managing delivery constraints such as time, resource, scope, risk, dependencies etc.
- Participate / chair associated delivery / enablement forums to drive consistency, alignment, delivery and value realisation of the GISP strategic roadmap.
- Ensure that open actions are duly documented and followed up to closure.
- Pursue end-to-end continuous improvement opportunities on Security Assurance and Enablement initiatives.
- Security Enablement (Assurance Insights)
- Develop a data-driven assurance insights roadmap and framework and methodology to provide risk insights to centrally monitor, measure and track compliance and risk remediation activities, including supporting audit fieldwork fulfillment.
- Participate / chair assurance forums to support the business with clear, data driven insights to drive short and long term assurance objectives.
- Develop and maintain data driven risk reduction data points and insights to inform the future assurance roadmap.
- Partner with first-line central / business unit teams to support organizational risk reduction actions.
- Stakeholder & Business Management
- Possess good interpersonal and stakeholder management skills essential for building strong partnerships across central and business entities.
- Develop strategies for building strong relationships with key stakeholders, to ensure delivery of the strategic roadmap aligns with the predetermined strategy and contribute to the organization’s overall InfoSec & Privacy goals and delivery chain.
- Ensure that appropriate Service-Level Agreements and underpinning contracts are defined, measured and monitored.
- Ensure that control postures are clearly articulated with the necessary roles and responsibilities clearly defined and understood.
- Management Reporting
- Develop strategies and data-driven value data-points / insights to
- Articulate InfoSec & Privacy risk heatmaps across the organisation
- Inform strategic InfoSec & Privacy decisions
- Demonstrate value in by relating operational outcomes / risk reduction to actual organizational / business impact.

Knowledge & Abilities
- Communication - Able to work and spread positive "security awareness and control due-diligence" influence with people from various levels of the organization effectively.
- Technical Depth - Technically competent to be able to translate information security topics, initiatives / program into something that is digestible for stakeholders outside of information security community.
- Know your Business - Strong business acumen within the insurance / financial services industry and related operational fields.
- Controls Framework - Knowledge of industry control framework, best practise, laws (e.g. GDPR, countries privacy laws, etc) and regulatory landscape. Practical hands-on experience with supporting audit fieldwork activities.
- Risk Management - Able to provide information security advises and opinions that continuously strike the right balance between controls enforcement, risk appetite and nett risk exposure.

Technical Skills
- At least 4 years of experience in IT Security / Data Project Management
- Working experience with using and configuring the Atlassian Suite (Jira, Confluence, Bitbucket, Bamboo)
- Strong analytical skills with proficient ability in data visualization and communication.
- Experience with building BI dashboards using Microsoft PowerBI
- Certified Information Security Professional (CISSP), or other related certifications (e.g. CISM, CISA) preferred.

Other Requirements
- Proactive Team Player
- Possesses effective communication skill (written and spoken)
- Ability to work independently in a dynamic environment
- Ability to handle concurrent responsibilities and tight deadlines
- Some busine