Senior IT Security Analyst
Mexico City - Paseo
Marsh McLennan
Marsh McLennan is the world’s leading professional services firm in risk, strategy and people. We bring together experts from across our four global businesses — Marsh, Guy Carpenter, Mercer and Oliver Wyman — to help make organizations more...Company:
MarshDescription:
Senior IT Security Analyst
We are seeking a Senior IT Security Analyst to join our Applications Development team at Mercer. This role will be based in Mexico City. This is a hybrid role that has a requirement of working at least three days a week in the office. As an IT Security Analyst at Marsh, you will apply your information and cybersecurity knowledge and experience in supporting business client audits, contracts, and requests originating from various global locations with an emphasis on the Americas.
We will count on you to:
- Partner with the legal teams to review documents and contracts which define 3rd party and client relationships, communicate potential issues, propose mitigations, and shepherd contracts to completion as it pertains to information and cybersecurity clauses.
- Provide relevant technical and security expertise and assistance with client questions, Requests for Proposal (RFP), questionnaires, reviews, and audits.
- Cultivate security awareness of applicable regulations and standards, upstream risks, and industry best practices across the organization.
- Serve as a security subject matter expert to ensure compliance with local Industry and regulatory rules and requirements.
- Perform or manage information security risk assessments (i.e., PCI Self Assessments, ISO27001, etc.) as needed for comply with security standards and regulations.
- Confidence in engaging with business and technology stakeholders to help them better manage their technology risk through pragmatic and fit for purpose solution.
What you need to have:
- A bachelor’s degree or equivalent work experience in information security, accountancy, audit, information systems, or other related field of study.
- 4+ years of work experience in IT audit, IT security, or IT risk management work.
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST along with other relevant information security and data protection regulations and standards.
- Written and spoken English at an advanced level is required.
- Strong communication, organizational skills, interpersonal, and collaborative skills.
- Proficient knowledge of Microsoft Office products including Excel, Word, and PowerPoint.
What makes you stand out:
- Knowledge of NYDFS, DORA, PCI-DSS, GDPR, HIPAA/HITECH, NIST, CPS234 and/or other relevant information security regulations and standards.
- Information security related certification like CISA/CISM/CISSP
- Excellent problem-solving skills and the ability to work collaboratively in a team environment.
Why join our team:
- We help you be your best through professional development opportunities, interesting work and supportive leaders.
- We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities.
- Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CISA CISM CISSP Compliance GDPR HIPAA ISO 27001 NIST RFPs Risk assessment Risk management Strategy
Perks/benefits: Career development Flex hours
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.