Security Incident and Investigations Manager

Job Summary:

As a key member of the Global Information Security Assessment and Incident Response team, the Vulnerability Manager is principally responsible for ensuring the global organization consistently adheres to its technology security policies and best practices through the implementation and use of sophisticated technical security risk assessment tools and methods. The Vulnerability Manager works closely with a wide range of audiences, to include CIOs, CROs, Global Compliance Officers, the CISO and various technical teams from Legal and HR to IT experts to assess and ensure superior security controls remain effective at protecting millions in revenue generating capability.

The Vulnerability Manager blends a unique highly technical skillset in Information Technology and Information Security with outstanding business acumen and communication skills in order to understand and convey complex Information Security concepts and solutions globally and at all levels in the organization.

The Vulnerability Manager, must use advanced critical thinking and problem solving methods to operate flawlessly in high-pressure situations to protect the firm from advanced persistent threats and proactively identify probable risk areas across the business applications and systems to thwart active attacks

Responsibilities:
Globally identify, document, measure and communicate technical Information Security Risks across the organization’s data networks, systems, and applications using standard company toolsets and assessment processes to identify significant risk and attack surfaces which threaten the firm’s revenue generating capabilities. Build enhanced risk assessment methodologies to effectively communicate technical attack threats to executive level business leaders in business terms.

Identify, review, contain and resolve information security incidents as part of the global Security Incident Response Team (CIRT) and conduct details forensic investigations, preserving the chain of evidence, for materials handled within the cases. Manage incident response calls globally and lead the response team to a timely resolution while limiting the business impact of an incident. Partner with experts across Information Technology, Legal, HR, Compliance and business IT teams in support of investigative and forensic activities.

Conduct technical risk and change reviews, enforcing the firm’s Security and Compliance policies and best practices as required to ensure our highly sensitive client and Company information is appropriately secured. Engage business and project teams globally to clearly explain policies, decisions, and appropriate threat mitigation steps to maximize efficiency and productivity of the security assessment process. Identify and suggest enhancements to global processes to ensure continued effectiveness.

Monitor and research industry information sources for zero-day threats and emerging Information Security trends and vulnerabilities impacting the organization and its ability to serve its customers. Recommend, direct, and implement best in class technology and business process solutions to mitigate and reduce threat globally. Influence technical and strategic direction of the Information Security function as it relates to keeping information secure and available for all MMC clients and staff.

Qualifications
Education:

(4-year college) B.S. or B.A. Degree, Computer Science or relevant field.
Experience:
Minimum 10 years of combined incident, forensic, cyber risk and threat management experience required
Knowledge and skills:

Strong knowledge across a wide range of technical information security disciplines and solutions e.g. firewalls, VPN, PKI, network and host IDS/IPS, vulnerability & risk assessment tools and methods, penetration testing, encryption, malware identification, containment and prevention, e-mail security, active directory and group policies, two-factor authentication, common Windows (desktop & server) OS, OSX, various UNIX/Linux platforms, TCP/IP, SIEM and other common security toolsets are required.

Significant experience operating commercial and open-source computer forensics tools (e.g. Encase, FTK), ability to use command line tools and write simple scripts as needed to remotely analyze systems to harvest user activity, malware identification, etc. Demonstrate understanding of common vulnerabilities and threats affecting widely deployed software and methods to identify and remediate such issues.

Understanding and awareness of common computer forensic techniques, proper evidence handling, etc.
Must be results focused — an expert problem solver with a strong desire to constantly research and master new concepts, technologies and solutions related to Information Security quickly and apply to ongoing tasks and deliverables.
Must have meaningful experience conducting, supporting, or managing computer forensics investigations, computer incident response activities, and malware analysis

Must demonstrate excellent written and verbal communication skills. Must be able to effectively lead meetings and conference calls involving IT, legal/HR, and/or client contacts and write security incident and investigative reports.
Must be a self-starter, able to work under pressure and with limited supervision both individually and with other team members. Must be able to work well with others in a globally and culturally diverse environment. Must be able to successfully prioritize and manage to completion multiple complex tasks and deliverables. Must be able to speak clearly to conduct teleconferences.
Must possess and demonstrate the highest degrees of integrity and accountability in all actions. Must be highly dependable and available on-call outside normal business hours as needed in response to critical security incidents and other events. Must be available for occasional travel

Other requirements:

Related industry certifications a plus such as GCIH, GCFA, GCFE, or EnCE.
Marsh & McLennan Companies is a global professional services firm offering clients advice and solutions in the areas of risk, strategy and people. Marsh is a leader in insurance broking and risk management; Guy Carpenter is a leader in providing risk and reinsurance intermediary services; Mercer is a leader in talent, health, retirement and investment consulting; and Oliver Wyman is a leader in management consulting. With annual revenue of $13 billion and approximately 60,000 colleagues worldwide, Marsh & McLennan Companies provides analysis, advice and transactional capabilities to clients in more than 130 countries. The Company is committed to being a responsible corporate citizen and making a positive impact in the communities in which it operates. We embrace a culture that celebrates and promotes the many backgrounds, heritages and perspectives of our colleagues and clients. For more information, please visit us at: www.mmc.com/diversity. Visit www.mmc.com for more information and follow us on LinkedIn and Twitter @MMC_Global

Marsh & McLennan Companies offers competitive salaries and comprehensive benefits and programs including: health and welfare, tuition assistance, 401K, employee assistance program, domestic partnership benefits, career mobility, employee network groups, volunteer opportunities, and other programs. For more information about our company, please visit us at: http://www.mmc.com/. We embrace a culture that celebrates and promotes the many backgrounds, heritages and perspectives of our colleagues and clients. For more information, please visit us at: www.mmc.com/diversity.

Marsh & McLennan Companies and its Affiliates are EOE Minority/Female/Disability/Vet/Sexual Orientation/Gender Identity employers

Job IT Security

Primary Location United States

Marsh & McLennan Companies and its Affiliates are EOE Minority/Female/Disability/Vet/Sexual Orientation/Gender Identity employers.

. . . . . . . .

Leave a Reply