Senior Specialist - IT Security
MMC

Job Info

---

Marsh McLennanis seeking candidates for the following position based out of our Phoenix AZ or a local office in an onsite capacity.

Senior Analyst - Global Cyber Defense - Government Detection and Response Team

What can you expect?

• We are looking for someone to join and grow in our remote-first Government Detection and Response Team (GovDART) in a technical Senior Analyst role on the Monday - Friday business hours shift.
• As a Senior Analyst, you will be responsible for analyzing security event data, assessing the potential impact of events, and creating recommendations to defend against emerging threats.
• You will be involved in the remediation of security incidents.
• You will follow security events through the triage and Incident Response (IR) lifecycle and document all processes in a centralized knowledgebase.
• In this role, you will participate in ongoing security incidents and continuous SOC/IR/Vulnerability Management initiatives, such as new content development and enrichment.
• You will also be responsible for Vulnerability Management (VM) of devices within the identified Gov boundary.
• Additionally, you will collaborate across multiple global corporate boundary teams on various efforts to continue to strengthen the security posture of Marsh & McLennan Companies.
• Operating as a subject matter expert on various security topics across multiple domains including SOC Operations, Cyber Incident Response and Vulnerability Management.

What is in it for you?

• Be able to work remotely, with a global team with a company with a strong brand and strong results to match.
• Be part of an organization with a culture of internal mobility, collaboration, valued partnership from the business and drive for innovation in data & analytics, including the latest AI technology
• Grow your career with direct exposure to Senior Technologists, Business Leaders, and Employee Resource Groups which provide access relevant volunteer and mentoring opportunities and interactions with counterparts in industry groups and client organizations.
• Competitive pay (salary and bonus potential), Full benefits package - starting day one (medical, dental, vision, STD/LTD, life insurance, RSP (Retirement Savings Plan or TFSA (tax free savings account.)
• Entitled to vacation, floating holidays, time off to give back to your community, sick days, and national holidays (with early dismissal)

We will count on you to:

• Analyze network traffic, endpoint security events, and other various log sources to identify threats, assess potential impact, and recommend mitigations
• Perform Incident Response when cyber incidents are declared.
• Perform, analyze, and prepare vulnerability management reports & acting as the Team Lead of the GovDART team.
• Support other security functions and teams to ensure the holistic implementation of security controls, technologies, practices, and programs
• Contribute to the development and improvement of response processes, documentation, tool configurations, and detection logic and creating technical reports to support client requirements
• Assist in additional SOC, IR and VM initiatives, including playbook development and documentation, new rule creation, and tool evaluations for all MMC Detection and Response Teams (DART)
• Maintaining an operational knowledge of global threat trends, known threat actors, common tactics, techniques, and procedures (TTPs), and emerging security technologies
• Collaborating on Security Operation Center team training opportunities and other cross training opportunities within the Federal support teams and the corporate support teams.
• Supporting 24x7 Federal cloud and on-premises operations by participating in an on-call rotation and assisting in ongoing incidents during non-standard hours

What you need to have?

• Undergraduate degree in Computer Science (CS), Computer Information Systems (CIS), other related degrees, or equivalent experience
• 2+ years of information security experience and/or 2-4 years of experience in security analysis in a non-security focused role
• Demonstrated experience with security technologies and alerts, such as intrusion prevention and detection systems, web proxies, SIEM, SOAR, EDR, firewalls, web application scanner, vulnerability scanners, forensics tools, open-source tools, or other security technologies
• Knowledge in one or more of the following domains: Network Operations and Architecture, Operating Systems, Identity and Access Management, Programming, Cloud Computing, Databases, or Cryptography
• Familiarity with common security frameworks and models, such as MITRE ATT&CK, Lockheed Martin Cyber Kill Chain, The Diamond Model of Intrusion Analysis and NIST Cybersecurity Framework
• Obtaining a public trust or security clearance as individual business contracts require.

What makes you stand out?

• Experience working within isolated FedRAMP/StateRAMP environments
• Knowledge of NIST 800-53r5, public sector / government experience
• Knowledge of common attacks, current threats, threat actors, and industry trends
• Professional or technical certifications, such as Security+, GIAC Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH), GIAC Enterprise Vulnerability Assessor Certification or other related certifications

Marsh McLennan (NYSE: MMC) is the world's leading professional services firm in the areas of risk, strategy and people. The Company's more than 85,000 colleagues advise clients in over 130 countries. With annual revenue of $23 billion, Marsh McLennan helps clients navigate an increasingly dynamic and complex environment through four market-leading businesses. Marsh provides data-driven risk advisory services and insurance solutions to commercial and consumer clients. Guy Carpenter develops advanced risk, reinsurance and capital strategies that help clients grow profitably and pursue emerging opportunities. Mercer delivers advice and technology-driven solutions that help organizations redefine the world of work, reshape retirement and investment outcomes, and unlock health and well being for a changing workforce. Oliver Wyman serves as a critical strategic, economic and brand advisor to private sector and governmental clients. For more information, visit marshmclennan.com, or follow us on LinkedIn and X.

Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age background, disability, ethnic origin, family duties, gender orientation or expression, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, veteran status (including protected veterans), or any other characteristic protected by applicable law. If you have a need that requires accommodation, please let us know by contacting TANA@mmc.com

Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one "anchor day" per week on which their full team will be together in person.

The applicable base salary range for this role is $93,700 to $187,300.

The base pay offered will be determined on factors such as experience, skills, training, location, certifications, education, and any applicable minimum wage requirements. Decisions will be determined on a case-by-case basis. In addition to the base salary, this position may be eligible for performance-based incentives.

We are excited to offer a competitive total rewards package which includes health and welfare benefits, tuition assistance, 401K savings and other retirement programs as well as employee assistance programs.

Applications will be accepted until: December 2, 2024

This job has expired.