Senior Specialist - IT Security

Company:

Description:

Marsh McLennan is seeking candidates for the following position based in the Phoenix AZ office.

Information Security Risk Senior Specialist

What can you expect?

• The Information Security Risk Senior Specialist will support the Mercer Information Security Risk and Compliance function, focusing on key compliance activities across various regulatory standards.
• The ideal candidate will play a vital role in reviewing RFPs, contracts, conducting gap analyses, and mapping security policies to ensure compliance.
• This role involves proactive engagement with multiple business units to align security efforts with Mercer’s broader objectives in health, wealth, and career services.
• This role reports to the Information Security Risk and Compliance Leader.

What is in it for you?

• Be able to work with a global team with a company with a strong brand and strong results to match.
• Be part of an organization with a culture of internal mobility, collaboration, valued partnership from the business and drive for innovation in data & analytics, including the latest AI technology
• Grow your career with direct exposure to Senior Technologists, Business Leaders, and Employee Resource Groups which provide access relevant volunteer and mentoring opportunities and interactions with counterparts in industry groups and client organizations.
• Competitive pay (salary and bonus potential), Full benefits package – starting day one (medical, dental, vision, STD/LTD, life insurance, RSP (Retirement Savings Plan or TFSA (tax free savings account.)
• Entitled to vacation, floating holidays, time off to give back to your community, sick days, and national holidays.

We will count on you to:

• Provide technical and information security expertise to complete RFPs, questions, questionnaires, contract reviews, and audits with efficiency and accuracy.
• Assist in managing information security compliance activities across regulatory standards like NIST, NYDFS, PCI-DSS, HIPAA, and GLBA, ensuring that Mercer’s security posture meets the highest standards.
• Collaborate with internal legal teams to review and analyze security-related documents and contracts, ensuring timely completion and addressing any potential risks.
• Lead gap analysis and mapping of security policies to relevant industry standards, identifying areas for improvement.
• Provide security guidance during the design, development, and implementation of applications, ensuring they comply with regulatory and internal security requirements.
• Organize and lead evidence sessions, ensuring all compliance documentation is up to date and ready for audit or regulatory review.

What You Need to Have:

• Bachelor’s degree in information security, accountancy, audit, information systems, or a related field, or equivalent work experience.
• Two or more years of experience in IT audit, IT security, or IT risk management.
• Experience with RFP processes, contract reviews, and performing gap analysis.
• Familiarity with compliance regulations like GDPR, PCI-DSS, HIPAA/HITECH, NIST, and NYDFS, and GLBA.
• Experience with Federal and State Government regulations is a plus.
• Proficiency in Microsoft Office products, particularly Excel, Word, and PowerPoint.
• A problem-solving mindset, with the ability to address security risks through innovative technical solutions.

What Makes You Stand Out:

• Security certifications such as CISSP, CISA, CISM, or ethical hacker certifications are a plus.
• Experience working with complex compliance regulations, particularly within the health, wealth, or career sectors

Marsh McLennan (NYSE: MMC) is the world’s leading professional services firm in the areas of risk, strategy and people. The Company’s more than 85,000 colleagues advise clients in over 130 countries. With annual revenue of $23 billion, Marsh McLennan helps clients navigate an increasingly dynamic and complex environment through four market-leading businesses. Marsh provides data-driven risk advisory services and insurance solutions to commercial and consumer clients. Guy Carpenter develops advanced risk, reinsurance and capital strategies that help clients grow profitably and pursue emerging opportunities. Mercer delivers advice and technology-driven solutions that help organizations redefine the world of work, reshape retirement and investment outcomes, and unlock health and well being for a changing workforce. Oliver Wyman serves as a critical strategic, economic and brand advisor to private sector and governmental clients. For more information, visit marshmclennan.com, or follow us on LinkedIn and X.

Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age background, disability, ethnic origin, family duties, gender orientation or expression, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, veteran status (including protected veterans), or any other characteristic protected by applicable law. If you have a need that requires accommodation, please let us know by contacting reasonableaccommodations@mmc.com

Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one “anchor day” per week on which their full team will be together in person.