.Description :Oliver Wyman is a global leader in management consulting. With offices in 70 cities across 30 countries, Oliver Wyman combines deep industry knowledge with specialized expertise in strategy, operations, risk management, and organization transformation.Our 7,000 professionals help clients optimize their business, improve their operations and risk profile, and accelerate their organizational performance to seize the most attractive opportunities.Oliver Wyman's thought leadership is evident in our agenda-setting books, white papers, research reports, and articles in the business press.Our clients are the CEOs and executive teams of the top Global 1000 companies.Visit our website for more details about Oliver Wyman :Job OverviewAs a trusted member of the Information Technology Services team, the Security Controls & Risk Analyst ensures that information security of Oliver Wyman Group within our infrastructure, applications and business processes is continuously improved.This includes proactive review and remediation of the current state of OWG tech security issues, management processes, tools, and activities, and providing recommendations for enhancement where appropriate.Candidates will have broad Information Security skills with a solid understanding of cross functional IT Security areas such as Identity & Access Management, Infrastructure Security, Application Security, Data Protection, and experience working with a broader team on security products and services.This is a hybrid role that requires 2 days per week in the Mexico City office. There is no option to be fully remote.Please submit CVs in EnglishKey Responsibilities :Support implementation and management of security and privacy initiatives.Assist in conducting security risk assessments and reviews, identifying potential threats and vulnerabilities, and evaluating their potential impact on the organization.Contribute to the development, implementation, and monitoring of risk mitigation plans to address identified security risks and ensure continuous improvement of the security compliance.Assist in maintaining and updating the organization's risk register, ensuring it is up-to-date and accurately reflects the current risk landscape.Collaborate with various teams to integrate security and risk management practices into their operational processes.Assist in annual review of security policies, standards, and procedures.Provide advice and guidance on information security matters to IT teams and business stakeholders.Assist in the preparation of reports and presentations on security and risk topics to senior leadership, providing insights and recommendations for decision-making.Support MMC teams working where required to ensure vulnerabilities are addressed and remediated.Qualifications :Bachelor's or master's degree in Information Security, Computer Science, or a related field