The global Cyber Risk Consulting (CRC) practice of Marsh Advisory supports customers to understand, estimate and mitigate cyber risks. The fast growing CRC team provides cybersecurity consulting services, pertaining to IT and OT, in domains such as cybersecurity governance, risk, compliance, strategy, architecture and resilience. This role is open in Marsh CRC???s Middle East practice.
What can you expect?
- Be a part of a dynamic team in a fast-paced environment and play a role in growing the CRC practice.
- Perform delivery of the desired deliverables as per the agreed scope of work with the client, and provide an efficient delivery model for Marsh CRC practice.
- Play a key role in leading/supporting the delivery of multiple CRC projects with considerable on-site travel.
We will count on you to :
- Be hands-on in delivery of consulting projects and mentor junior colleagues in their projects (whenever needed).
- Prepare deliverables for cyber consulting practice under the guidance of CRC practice leaders and project managers.
- Conduct research on cybersecurity risks and technologies, and support the team in preparing point of view documents and presentations.
- Support the team towards constant innovation of cybersecurity approach and go-to-market strategy.
- Support in addressing Request-for-Proposals (RFPs), preparing proposals, and scope of work documents.
- Learn CRC practices??? processes, and explain them to non-technical clients/colleagues.
- Understand different domains within cybersecurity space and demonstrate passion towards at least one domain of cybersecurity.
- Maintain key project track record and detailed process documentations
- Deliver projects either remotely or onsite depending on client requirement.
- Motivate junior team members and take the high road to ensure client success.
What you need to have:
The candidate must possess the following attributes:
- Graduate or equivalent from an institute of repute. Preferably with majors relevant to cybersecurity.
- 10+ Years in cybersecurity program development, and/or cyber risk management.
- Successful track record of business development and management including competitive proposal development.
- Well-versed on current cyber security technologies, industry developments, and issues, to direct best practices and resources, in a specialty area/identified business need.
- Valid Passport and ready for frequent travel within Middle East countries for client deliveries/workshops
- Experience in cybersecurity GRC specially ??? cybersecurity frameworks such as NIST and ISO 27001 (gap assessments, policies, procedures, governance documentation, etc.)
- ISO 27001 certified candidates will be preferred.
- Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans.
- Expertise in IT security principles and controls. Candidate should ideally have hands on experience in conducting cyber risk assessments, designing cyber security framework (including policies, procedures), vendor risk management, DLP, IRM, compliance management.
- Knowledge on Cyber Security standards / regulations. E.g. NIST, ISO 27001, ISO 27002 GDPR, CIS Control, CMCC etc.
- Strong IT skills including knowledge on hardware, software, networks, and data center
- Ability to develop quality reports, presentations, project trackers.
- Should be proficient in MS Office applications such as Word, PowerPoint, and Excel. Basic knowledge in Project, Teams, and Visio.
- Effective communicator who is able to share insights with clients/stakeholders.
- Strong analytical problem solving skills and experience.
- Smart, collaborative, relationship and outcome focused with the ability to make decisions where ambiguity exists.
- Effective organization skills with key attention to detail and delivery of high quality documentation with the ability to implement/influence change.
- Strong sense of business ethics and principles.
- Excellent English language skills, both verbal and written with the ability to communicate technical matters to a non-technical audience.
What makes you stand out:
- Experience in data governance/data privacy/Information security policy understanding.
- Experience in cybersecurity incident response.
- Experience in conducting internal or external IT audit
- Experience with developing cyber security strategies.
- Strong leadership abilities, with the capability to develop and guide team members and IT operations personnel, and work with minimal supervision.
- Fluency in Arabic constitutes an advantage.
- Work independently or as part of a team as needed
- Preferred Certifications - CISSP,CISA, CISM.
- Certified lead implementer or a certified lead auditor on ISO27001:2013.
- Good to have knowledge of ICS/OT Cybersecurity assessments (NIST CSF / IEC 62443)
Marsh is the world???s leading insurance broker and risk adviser. With more than 45,000 colleagues operating in more than 130 countries, Marsh serves commercial and individual clients with data driven risk solutions and advisory services. Marsh is a business of Marsh McLennan (NYSE: MMC), the leading global professional services firm in the areas of risk, strategy and people. With annual revenue of over $20 billion, Marsh McLennan helps clients navigate an increasingly dynamic and complex environment through four market-leading businesses: Marsh, Guy Carpenter, Mercer, and Oliver Wyman. For more information, visit marshmclennan.com, follow us on LinkedIn and Twitter.
Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age background, civil partnership status, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law. We are an equal opportunities employer.
Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local based teams will identify at least one ???anchor day??? per week on which their full team will be together in person. office or working onsite with clients at least three days per week. Office-based teams will identify at least one ???anchor day??? per week on which their full team will be together in person.
