You will need to login before you can apply for a job.
All the details
Summary
We are seeking a Security Assurance and Advisory Principal to join our GRC team within an expanding and dynamic Information Security function.
You will support management of our security risk position by ensuring that appropriate mitigations are in place and their effectiveness is well understood.
Reporting into the Assurance and Advisory Lead, you will support a growing team of security assurance analysts in assessing and quantifying the mitigations to risks faced by M&S, providing guidance on remediation where necessary.
This is a global role that requires cross organisational influence over all areas of the business and technology, to support our mission in the management and reduction of Cyber Risk.
To stay close to customers, our support teams are in the office three days a week as we believe that skills are developed through collaboration, and that spending time together makes us more creative and connected.
What's in it for you
Being a part of M&S is exactly that - playing your part to bring the magic of M&S to our customers every day. We're an inclusive, dynamic, exciting, and ever evolving business built on doing the right thing and bringing exceptional quality, value, service to every customer, whenever, wherever and however they want to shop with us.
Benefits:
* After completing your probationary period, you'll receive 20% colleague discount across all M&S products and many of our third-party brands for you and a member of your household.
* Competitive holiday entitlement with the potential to buy extra holiday days!
* Discretionary bonus schemes awarded based on how you achieve your personal objectives and our performance as a business.
* A generous Defined Contribution Pension Scheme and Life Assurance.
* A dedicated welcome to our teams with a tailored induction and a wide range of training programmes to develop your skills.
* Amazing perks and discounts via our M&S Choices portal to maximise your financial and personal wellbeing.
* Industry-leading parental, adoption and neonatal policies, providing support and flexibility for your family.
* Access to a fantastic range of wellbeing support for all colleagues including access to our 24/7 Virtual GP and PAM Assist to support you and your family.
* A charity volunteer day to support a charity or cause you're passionate about through a dedicated day away from work.
What you'll do
* Support the delivery of assurance over the mitigations in place to manage the M&S security risk position.
* Support the provision of remediation and transformational advice on mitigations to drive improvements to the risk position.
* Engaging effectively with cross-business teams to support a consistent and cohesive view of the M&S Security risk position.
* Produce clear reporting to enable effective understanding and discussion of actions to address weaknesses in the M&S security risk position.
* Support the wider GRC function in providing clear, accurate and timely articulations of the security risk position.
* Remain up to date with the latest Information security risk management best practices and standards and disseminate knowledge across your team, risk owners and senior leadership.
* Manage, coach and mentor a growing team of security assurance analysts, sharing SME knowledge, working cross-business, providing clear direction and support, enabling them to develop their knowledge and skills.
Who you are
* Knowledgeable in Information security risk management and assurance.
* Applicable knowledge across a range of Information security domains.
* Experience in delivering security assurance and advisory activities.
* Experience in developing talent.
* Experience of articulation and communication across diverse stakeholders to empower discussion and decision making.
* Familiarity with industry-recognised standards and regulations (e.g., CIS-CSC, PCI, GDPR).
* Familiarity with attacker tactics, techniques, and procedures.
* +5 years' relevant industry experience.
* Ability to use lateral thinking to break a problem down into its component parts to identify and diagnose root causes.
Everyone's welcome
We are ambitious about the future of retail. We're disrupting, innovating and leading the industry into a more conscientious, inspiring digital era. We're transforming how we work together and offering our most exciting opportunities yet. Marks & Spencer strives to be an inclusive organisation, trusted and admired by our colleagues, customers and suppliers. Join us and make change happen.
We are committed to building diverse and representative teams, where everyone can bring their whole selves to work and be at their best. We support each other and work together to win together.
If you feel you'd benefit from any support or reasonable adjustments during any stage of the recruitment process, please don't hesitate to let us know when completing your application. This information will be picked up by our team, so we can try and put steps in place to help you be at your best through this process. #J-18808-Ljbffr