Marsh & McLennan Cos Principal, Data Security Lead in New York, New York
Marsh McClennan is seeking candidates for the following position based in the New York Office:
**Principal Data Security Lead**
**What can you expect?**
- We are seeking a passionate information security engineer to help protect data, identities and applications in a global organization.
- This person will help secure MMC and Mercer applications.
**We will count on you to:**
- Provide design, engineering, implementation, and production support for MMC Data Protection and Mercer Identity Security Solutions (OKTA, ADFS, SSO, MFA).
- In addition this person will provide security platform support for security testing tools, such as WhiteHat, Blackduck etc.
- Conduct and manage data security assessments/reviews of applications.
- Identify potential security vulnerabilities, determining what controls are necessary to protect the data, determining effectiveness of existing controls and to design and implement additional controls as needed.
- Work with Application and Data Owners to utilize cryptographic data security tools to encrypt, tokenize, and data mask to protect and minimize risk for sensitive data.
- Help improve and review API Security configuration standards and controls.
- Research and test new technologies and solutions related to data & identity protection and application security testing tools.
**What you need to have:**
- Bachelor's or Master's degree in Business Administration, Information Technology, Computer Science, or related field
- At least 10-12 years of professional experience in Information Technology with at least 6-8 years in Information Security
- Working knowledge in all areas of technology (infrastructure, applications, SDLC, end-user platforms and IT Operations)
- Experience with at least 2 of the following, enterprise key management, encryption, CIAM, Identity and Access Management, AuthN/Z, SSO, MFA, and API Security
- 2+ years working with cloud technologies such as AWS/Azure
- Advanced interpersonal communications skills including superior writing and verbal skills
- A drive to learn new technologies and adapt to an ever changing technology
**What Makes you Stand Out:**
- Experience deploying enterprise data protection solutions (Thales Vormetric, MicroFocus SecureData (Voltage), TDE.
- 4+ years securing data in the cloud (AWS, Azure)
- 6+ years with CIAM (Ex. OKTA, Ping, ADFS, RSA)
- Extensive experience with encryption, identity management, AuthN/Z systems and API Security
- Strong CLI and Linux experience
- Experience with API Security Audit and review
- Experience in managing small to medium complex technical projects.
- Experience administering and managing HSMs.
- Experience implementing data protection solutions for unstructured data.
**Nice to have:**
- Experience in scripting, and automation (DevSecOPs)
- Amazon KMS, HSM and similar cloud data protection solutions.
- Design and engineering support for API Security Gateways (Apigee)
**Other requirements** (licenses, certifications, specialized training)
- Candidates will be responsible for participating in 24x7 support and on-call rotation.
- IT Security and training preferred. (CISSP, CEH, SANs training)
- Nice to have: Experience with Data Regulations, GDPR, NYDFS, CCPA etc.
Marsh McLennan(NYSE: MMC) is the world's leading professional services firm in the areas ofrisk, strategy and people. The Company's 76,000 colleagues advise clients in 130 countries.With annual revenue over $17 billion, Marsh McLennan helps clients navigate an increasingly dynamic and complex environment through four market-leading businesses.Marshadvisesindividual and commercial clients of all sizes on insurance broking and innovative risk managementsolutions.Guy Carpenterdevelops advanced risk, reinsurance and capital strategies that help clientsgrow profitably and pursue emerging opportunities.Mercerdelivers advice and technology-drivensolutions that help organizations redefine the world of work, reshape retirement and investmentoutcomes, and unlock health and wellbeing for a changing workforce.Oliver Wymanserves as a critical strategic, economic and brand advisor to private sector and governmental clients. For more information, visitmmc.com, follow us onLinkedInandTwitteror subscribe toBRINK.
Marsh McLennan and its Affiliates are EOEMinority/Female/Disability/Vet/SexualOrientation/Gender Identity employers.