Senior Principal Engineering - IT Security Engineering

Company:

MMC Corporate

Description:

Marsh McLennan is seeking candidates for the following position based in the Noida India office:

Senior Principal Engineer – IT Security Engineering

What can you expect?

• Being a part of a global team of professionals
• An opportunity to develop your career and skills within the wider global team for Information Security
• Interact and contribute to team goals through global and regional colleague network.
• Contribute to revenue generation processes by interacting with internal and external teams and product specialist
• A great and competitive benefits package (locally dependant)
• An opportunity to learn and grow being a part of a global organisation

What is in it for you?

• Holidays (As Per the location)
• Shared Transport (Provided the address falls in service zone)

We will count on you to:

• Assist and contribute to maintenance ISO 27001: 2013 Certification in our Singapore office primarily by ensuring all the controls implemented from a global governance perspective are fit for purpose, effective and continually reviewed and improved to meet the organizations objectives and subsequent changes both within the industry and local regulation and legislation.
• Working with wider team in managing the global ISMS in relation to the above certification as well as being able to take on the management of certification requirements in any of the locations (virtually or remotely).
• Assisting and managing identified Information Security specific risks to Darwin (the application), team, processes, policies or other and reporting information security compliance and risk to key stakeholders within the business or at the least escalating said identified risks.
• Reviewing periodically existing policy, process and procedural documents, creating and developing new documents to meet a requirement and ensuring these are kept current with changes in the organization.
• Providing assistance with governance as well as any technical challenges such as the coordinating of any permitted technical testing, reviewing reports and translating critical findings and potential risks to stakeholders (non-technical) and working with relevant teams to manage risk to an acceptable level.
• Contributing to the Information Security pre-sales and RFP process by reviewing client and prospects, surveys/producing and maintaining security schedules for both clients and internal stakeholders.
• Being an SME for client related queries which, might take the form of calls with teams or individuals within the client’s establishment to disseminate information.
• Contributing to the review of Information Security requirements as part of the contractual process, reviewing contracts and asserting information security controls or deficiencies.
• Contributing to the Application and Infrastructure Penetration testing processes with the aim of working with the Engineering and SRE teams to resolve findings through their life cycle.
• Liaising with internal Development, Infrastructure, Architecture and Product teams in relation to information security threats, vulnerabilities and recommending mitigation or offering suggestion for remediation.
• Acting as an SME and providing an advisory role with product, process development with regards to information security contribution at inception or early in on in project life cycles.

What you need to have:

• Great verbal and written communication skills
• Integrity and attention to detail
• Experience of helping to drive Information Security initiatives within a global business
• Experience of maintaining ISO 27001 Certification or Global ISMS
• Experience in conducting information Security reviews/audits
• Experience in helping to deliver ongoing security awareness and training
• Experience in working with other working within a team to develop solutions
• Exposure to client facing roles or a good level of interaction with external entities/professionals.
• General knowledge in Privacy/Data Protection Legislation
• Flexible attitude and an ability to perform under pressure

What makes you stand out:

• ISO 27001 Certification
• CiISMP
• CISSP
• CISM
• CISA
• Security +
• PCIRM
• More importantly an eagerness to learn and some experience within Information Governance

Marsh McLennan (NYSE: MMC) is the world’s leading professional services firm in the areas of risk, strategy and people. The Company’s more than 85,000 colleagues advise clients in over 130 countries. With annual revenue of $23 billion, Marsh McLennan helps clients navigate an increasingly dynamic and complex environment through four market-leading businesses. Marsh provides data-driven risk advisory services and insurance solutions to commercial and consumer clients. Guy Carpenter develops advanced risk, reinsurance and capital strategies that help clients grow profitably and pursue emerging opportunities. Mercer delivers advice and technology-driven solutions that help organizations redefine the world of work, reshape retirement and investment outcomes, and unlock health and well being for a changing workforce. Oliver Wyman serves as a critical strategic, economic and brand advisor to private sector and governmental clients. For more information, visit marshmclennan.com, or follow us on LinkedIn and X.

Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law.

Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one “anchor day” per week on which their full team will be together in person

Originally posted on Himalayas