HobokenRecruiter Since 2001
the smart solution for Hoboken jobs

Senior Specialist, Technical Risk Assessment

Company: JLT Employee Benefits
Location: Hoboken
Posted on: September 19, 2022

Job Description:

The Senior Specialist Technical Risk Assessment role's main purpose is to provide an in-depth analysis of the security risk affecting an information system being evaluated by MMC, as a component of MMC technology onboarding process.A technical risk assessment (TRA) function, as the main purpose of the Sr. technical risk analyst role, provides in-depth security risk evaluation on information systems such as software applications, cloud services, potential merger/ acquisition targets, and wide deployment / elevated privilege software tools. These security risk-based evaluationswill outline adherence to information security policy, standards, and controls; and will include enumerations of risksand recommendations for actions or mitigations to reduce risk. What can you expect? The most relevant responsibility is the identification of security concerns and the assessment of technical risksin information systems -under evaluation- such as, software products, cloud services, applications, DBs, and technology implementations.To perform this main responsibility, the Senior Technical Risk Analysts:

  • Engage with the service requesting team to understand the purpose of the information systems -under evaluation- and its requirements for deployment. Review the solution capability, deployment plans and solution architecture to ensure alignment to Global Information Security requirements.
  • Work with technology teams, technology product owners, architects, application owners, security leaders, and business teams (stakeholders) to identify the information systems' security capabilities, security gaps, configuration requirements and technical security implementation recommendations.
  • Perform a technical risk evaluation of the information systems, including in-depth technical security aspects, such as the identification, authentication, and authorization of users, roles, and programs connecting to the information system under evaluation. Encryption mechanisms of MMC information assets in transit, at rest. Network security. Auditing, monitoring, and logging capabilities. System resiliency. Assessing the deployment of approved code and images . Suitability of patching practices and updates. With the goal of determining adherence to MMC Global Information Security requirements.
  • Produce risk reports and documentation to enable information system's stakeholders to understand outcomes of analysis, including technical security implementation recommendations, references to appropriate policies and standards and gaps in the solution capability.The Sr. TRA analyst will report directly to the TRA manager, as part of the Information Security IT / Cyber Risk Management organization within Global Information Security. We will count on you:
    • Engage with service requesting teams to understand the purpose of the information system -underevaluation- and requirements for deployment. Review the system's security capabilities, understand thearchitectural components and deployment plans and against applicable security standards and controls toensure alignment to Global Information Security requirements.
    • Participate in larger technology reviews with multiple workstreams and project stakeholders, ensuring thetimeliness and quality of the information security review.
    • Produce reports and documentation to enable security and technology team members to understandoutcomes of security analysis, including references to appropriate policies and standards and gaps in thesolution capability.
    • Ensuring a timely completion of TRA service requests; assess various projects simultaneously by managingthe expectation of multiple stakeholders with competing priorities.
    • Collaborate with other Technical Risk Assessment team and technology implementation teams withinMMC in the creation and improvement of security implementation guidelines and standards, ensuringalignment to policy.
    • Through training, and collaboration with other technology teams, the Senior Technical Risk Analystsacquire the knowledge, further expertise, and update information and practices to maintaining an excellentlevel of performance demanded by pervasive security threats and evolving security practices. What you need to have:
      • 10+ years of working experience in IT.
      • 5+ of explicit working experience in information security, and risk; having performed technical riskidentification, evaluation, and risk management processes. Use of risk management instruments and tools,such as risk registers and assessment tools.
      • In-depth knowledge of IT, SDLC, information security, privacy, technical risks evaluation.
      • Deep understanding of identity and access management (IAM) technologies and standards -inclusive ofcloud identity platforms & Microsoft AD- encryption, networking, firewalls, web applications, onpremises,and cloud application hosting environments.
      • In-depth cloud service security and architecture
      • Strong knowledge of NIST and ISO security risk frameworks, controls, and standards. What makes you stand out?
        • Exceptional communication skills to all levels of the organization & external contacts
        • Must be a self-starter, work with limited supervision & be able to work well with others in a globallydiverse IT environment.
        • Experience coding/scripting with common languages such as Java Script, Python & Perl is preferred.
        • CISSP and/or CSSLP certification is preferred. Other Information Security oriented certifications a plus What is in it for you?
          • A company with a strong brand and strong results to match.
          • Culture of internal mobility, collaboration, and valued partnerships.
          • Competitive pay (salary and performance bonus potential).
          • Full benefits package - starting day one (medical, dental, vision, life insurance, 401k match AND contribution).About MMC.Marsh is the world's leading insurance broker and risk adviser. With over 35,000 colleagues operating in morethan 130 countries, Marsh serves commercial and individual clients with data driven risk solutions and advisoryservices. Marsh is a business of Marsh McLennan (NYSE: MMC), the leading global professional services firmin the areas of risk, strategy and people. With annual revenue approaching US $17 billion and 76,000 colleaguesworldwide, MMC helps clients navigate an increasingly dynamic and complex environment through fourmarket-leading businesses: Marsh, Guy Carpenter, Mercer, and Oliver Wyman. Follow Marsh on Twitter@MarshGlobal; LinkedIn; Facebook; and YouTube, or subscribe to BRINK.Marsh McLennan and its Affiliates are EOE Minority/Female/Disability/Vet/Sexual Orientation/GenderIdentity employers

Keywords: JLT Employee Benefits, Hoboken , Senior Specialist, Technical Risk Assessment, IT / Software / Systems , Hoboken, New Jersey

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest New Jersey jobs by following @recnetNJ on Twitter!

Hoboken RSS job feeds