Cyber Security Senior Manager

Company:

Mercer

Description:

We are seeking a talented individual to join our team at Mercer. This role will be based in Toronto, Canada. This is a hybrid role that has a requirement of working at least three days a week in the office.

The Cybersecurity Sr. Manager is responsible for leading the Global Information Security team, overseeing the operational management and strategic direction of key cybersecurity programs while proactively identifying and remediating threats and vulnerabilities across our network and cloud infrastructure. 

We will count on you to:

• Oversee the day-to-day operations, identifying, scanning, processes, procedures, workflows, system maintenance, and effective prioritization for the following programs, with a strong adherence to established Service Level Agreements (SLAs) and Service Level Objectives (SLOs):

  • Vulnerability Management for Network Infrastructure

  • Vulnerability Management & Cloud Security Posture Management (CSPM) for Cloud Infrastructure

  • Cybersecurity Intelligence Data Integrations

  • Secrets Management

  • Penetration Testing

  • Incident Response and Investigations

• Lead and influence teams, including business unit CISOs and IT groups, to prioritize vulnerabilities and drive timely remediation actions.

• Contribute to and lead enterprise-level cybersecurity projects, adapting to evolving business needs and emerging cyber threats.

• Ensure continuous discovery and analysis of new threats and vulnerabilities, facilitating effective prioritization and remediation to reduce the attack surface.

• Support cloud infrastructure vulnerability management by implementing industry-leading systems and integrating them with existing security infrastructure for comprehensive cybersecurity intelligence.

• Perform monthly KPI analysis and provide insightful reports on performance, while fostering cross-functional collaboration to maintain a unified and proactive security posture.

What you need to have:

• Bachelor's degree in Cybersecurity, Information Technology, or a related engineering discipline, or 10+ years of relevant experience, with a minimum of 5+ years in a cybersecurity management role.

• Experience with security frameworks (e.g., NIST, ISO 27001) and compliance requirements.

• Proficient in using vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7) and patch management systems, along with other security technologies.

• Demonstrated experience managing vulnerabilities in cloud environments (e.g., AWS, Azure, GCP) and supporting various network configurations, operating systems, and applications.

• Expert knowledge of data security administration principles and proficiency in administering Microsoft, Linux, and Unix platforms, with a minimum of 10 years integrating and managing cybersecurity tools and systems.

What makes you stand out:

• 7+ years of experience in a cybersecurity management role, with a strong preference for candidates holding relevant certifications (e.g., CISSP, CISM, OSCP, CCSP).

• Proven success in optimizing vulnerability management across network, cloud, and application environments while integrating security intelligence.

• Strong understanding of evolving threats and a demonstrated track record of improving proactive security posture.

Why join our team:

• We help you be your best through professional development opportunities, interesting work and supportive leaders.

• We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities.

• Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being.

#LI-JG3

Marsh McLennan (NYSE: MMC) is a global leader in risk, strategy and people, advising clients in 130 countries across four businesses: Marsh, Guy Carpenter, Mercer and Oliver Wyman. With annual revenue of $24 billion and more than 90,000 colleagues, Marsh McLennan helps build the confidence to thrive through the power of perspective. For more information, visit marshmclennan.com, or follow on LinkedIn and X.

Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age background, disability, ethnic origin, family duties, gender orientation or expression, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law. In accordance with the Accessibility for Ontarians with Disabilities Act, 2005, Marsh McLennan will provide a reasonable accommodation to employees and prospective employees to the point of undue hardship upon request and as required in respect of the individual’s particular restrictions and limitations. If you require a specific accommodation because of a disability or medical need, please contact reasonableaccommodations@mmc.com.

Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one “anchor day” per week on which their full team will be together in person.