Description : MMC is seeking candidates for the following position based in the Mexico City office and be onsite 3 days a week: Specialist - IT Security
What can you expect? The IT Risk Management Specialist is a business-oriented information security risk management role. IT Risk Management develops and executes an information security strategy that keeps the company's and its clients' data secure as it is stored, processed, and transmitted through company and third-party systems. Risk management specialists identify potential vulnerabilities, evaluate external threats, and put protective solutions in place. Performs security risk assessments for applications under general supervision.
Documents any issues and action items. Provides general support on risk and security related issues. Assists in implementing technology and business process solutions to mitigate/reduce risk. Applies in-depth knowledge to ensure that information security within the infrastructure, applications, and business processes is continuously improved. Ensures communication with various stakeholders are coordinated. Works with all teams to ensure system vulnerabilities are addressed and remediated effectively and efficiently. This role contributes to enhancing the cyber preparedness of our business applications and Shared Services globally. What is in it for you? Be part of a multinational environment in constant evolution where you'll be able to learn, grow, and create future career opportunities across the organization. Extraordinary challenges, extraordinary colleagues, and the opportunity to make a difference. Our rich history has created a client service culture that we believe is second to none. Our commitments to diversity and inclusion, Corporate Social Responsibility, and sustainability demonstrate our commitment to stand for what is right. We're an equal opportunity employer committed to embracing a diverse, inclusive, and flexible work environment. Huge landscape to learn & work on new technologies and apply your skills. Enjoy unlimited access to a vast range of courses and professional training through Udemy to continually enhance your skills and knowledge. We will count on you to: Assist CISO with implementing a risk-based strategy and program to advance and mature the cyber preparedness of our corporate and Shared Services functions.
Maintain and report on key risk metrics enabling the business teams to reduce risk to our computing and application systems.
Assist CISO with reporting vulnerability management metrics to the appropriate Risk Committees, assist coordination of related risk mitigation/remediation activities requested by the committees. Assist CISO with reporting status of various control objectives as mandated by external regulatory agencies in accordance with the established Global Information Security (GIS) program. Keep abreast of the regulatory requirements affecting the cyber security program and assist in the attestation of our controls in compliance with the regulations.
Collaborate with peer internal Security and Audit colleagues to help define and ensure MMC-wide consistency of security protocols and risk management.
Assist CISO with implementing a vendor risk management program. Coordinate vendor risk assessments and follow-through on findings.
Assist with mitigation of gaps as determined appropriate by business.
What you need to have: 5+ years' experience in IT and/or relevant Security experience. Excellent knowledge in security/privacy regulations. Extensive risk management experience with policies, standards, procedures. Considerable experience with security control assessments. Excellent presentation and communication skills, experience with influencing and problem resolution. Advanced knowledge of Information Security controls, network technologies, and associated methodologies. Excellent communication skills in English (C1 level). What makes you stand out? B.S. in Business or relevant degree preferred. CISSP or similar, though not required.
#J-18808-Ljbffr