- Location
- Pune - Business Bay, India
- Workplace
- Hybrid
- Type
- Full-time
- Department
- Management
- Seniority
- Senior
- Experience
- 6+ years
- Closing date
- 3 days ago
- Source
- Workday
Description
Company:
MarshDescription:
Job Profile: Senior Manager, Cyber Risk Consulting, Marsh
Location: Pune
MMC Business Unit: Marsh
MMC Office Name: Marsh McLennan India Private Limited (MMIPL)
MMIPL Function: Knowledge Services
Marsh is a global leader in insurance broking and risk management. In more than 130 countries, our experts in every facet of risk and across industries help clients to anticipate, quantify, and more fully understand the range of risks they face.
Marsh Risk Consulting is the consultative branch of Marsh, which operates internationally and provides solutions in the increasing needs of our clients to implement risk management programs within their organization.Marsh Risk Consulting helps companies to change their risk profiles so they can improve resiliency, reduce claims, and minimize the total cost of risk. Businesses today regularly tackle multiple challenges, whether facing property and casualty, cyber, reputational, or other risks, Marsh Risk Consulting can help.
The global Cyber Risk Consulting (CRC) practice of Marsh Risk Consulting supports customers to understand, estimate and mitigate cyber risks. This role is open in Marsh McLennan India Private Limited (MMIPL) a global in-house center for MMC Group. The MMIPL in Mumbai has a function called ‘Knowledge Services which supports the MMC group by providing specialized services. Under the Knowledge Services function, there is Marsh Risk Consulting team, which supports the global clients and colleagues. This role will initiate a new service line for Marsh Risk Consulting team in Mumbai, which entails supporting the CRC colleagues in execution of the cyber consulting projects.
What can you expect?
• Collaborate with the CRC practice in India, Middle East and Africa (IMEA) for delivery of the practice's value proposition in the regions.
• Provide complete support to delivery of the desired deliverables as per the agreed scope of work with the client, and provide an efficient delivery model for Marsh CRC practice
• Play a key role in leading the delivery of multiple CRC projects
• Responsible for review and training of junior colleagues to ensure the deliverable is as per the expected quality framework.
• Moderate travel within India, Middle East, and Africa (IMEA) region for client engagements and collaboration with the CRC practice.
We will count on you to:
• Support the IMEA CRC practice, and be hands-on in delivery of the consulting projects and mentor the junior colleagues in their projects
• Prepare deliverables for cyber consulting practice under the guidance of the CRC practice
• Conduct research on the clients cybersecurity risk areas and prepare a point of view for consulting
• Support the team towards constant innovation of cybersecurity approach and go-to-market strategy
• Quick learner of the CRC practices’ procedures and policies, and is able to explain the same to non-technical clients/colleagues
• Understand different domains within cybersecurity space and demonstrate passion
• Is on track to build specialization to demonstrate specialist knowledge in cybersecurity
• Contribute in research support for building a robust CRC practice deliverables
• Will be responsible to maintain key project track record and detailed process documentations
• Delivery of the projects would be done either remotely or onsite depending on the client requirement
• Ability to motivate the team members and take the high road to ensure client success
• Build proposals and pitch to potential clients, including developing compelling presentations and effectively communicating the value proposition of the Cyber Risk Consulting practice.
What you need to have:
The candidate must possess the following attributes:
• 6 to 8 years of professional experience in the cybersecurity consulting domain in Big 4 or boutique firms;
• At least one of the following Professional OT cyber security certifications (e.g. ISA/IEC 62443, EXIDA CACS, GICSP, ISO 27001 or Security+) would be mandatory;
• Expertise in OT security principles and controls. Candidate should ideally have hands-on experience in conducting OT Cyber risk assessments, designing cyber security frameworks (including policies, and procedures), implementations, audits, vendor risk management and user awareness training.
• knowledge of Cyber Security standards/regulations. E.g. ISA/IEC 62443, NIST 800-82, ISO 27001, etc.
• Knowledge of Industrial Automation control systems (e.g. PLCs, HMI, DCS, SCADA, etc.) and OT networking technologies.
• Knowledge of network security control devices/systems (e.g. Firewalls, IDS, IPS, etc.)
• Knowledge of the OSI layer and various OT protocols.
• Knowledge of OT incident response plan (IR) and business continuity plan (BCP).
• Ability to develop quality reports, presentations, and project trackers.
• Should be proficient in Ms. Office applications such as Word, PowerPoint, and Excel. Basic knowledge in Project, Teams, and Visio.
• Effective communicator who is able to share insights with clients/stakeholders
• Strong analytical problem solving skills and experience
• Smart, collaborative, relationship and outcome focused with the ability to make decisions where ambiguity exists;
• Ability to demonstrate sound judgment in the prioritization of competing work assignments, escalation of issues and the formulation of solutions;
• Effective organization skills with key attention to detail and delivery of high quality documentation with the ability to implement/influence change;
• Strong sense of business ethics and principles;
• Graduate degree in Electronics, Computer Science, Cybersecurity, or another related field.
• Excellent English language skills, both verbal and written with the ability to communicate technical matters to a non-technical audience.
• Fluency in additional foreign languages constitutes an advantage.
• Be able to travel globally or regionally on a need basis.
What is good to have:
• Experience in data governance/data privacy
• Experience of internal or external IT audit
• Knowledge of technical assessments (VA/PT, WAPT, Config. Review etc.)
• Experience with developing cyber security strategies
• Experience in Ms. Visio, Ms. Project
• Fluency in foreign language constitutes an advantage.
MARSH & MCLENNAN:
Marsh & McLennan (NYSE: MMC) is the world's leading professional services firm in the areas of risk, strategy and people. The Company's 76,000 colleagues advise clients in over 130 countries. With annualized revenue approaching $17 billion, Marsh & McLennan helps clients navigate an increasingly dynamic and complex environment through four market-leading businesses. Marsh advises individual and commercial clients of all sizes on insurance broking and innovative risk management solutions. Guy Carpenter develops advanced risk, reinsurance and capital strategies that help clients grow profitably and pursue emerging opportunities. Mercer delivers advice and technology-driven solutions that help organizations meet the health, wealth and career needs of a changing workforce. Oliver Wyman serves as a critical strategic, economic and brand advisor to private sector and governmental clients. For more information, visit mmc.com, follow us on LinkedIn and Twitter @mmc_global or subscribe to BRINK.
Marsh & McLennan Companies and its Affiliates are EOE Minority/Female/Disability/Vet/Sexual Orientation/Gender Identity employers.
MARSH:
Marsh is a global leader in insurance broking and risk management. In more than 130 countries, our experts in every facet of risk and across industries help clients to anticipate, quantify, and more fully understand the range of risks they face. We work with clients of all sizes to define, design, and deliver innovative solutions to better quantify and manage risk. We offer risk management, risk consulting, insurance broking, alternative risk financing, and insurance program management services to businesses, government entities, organizations, and individuals around the world. To every client interaction, we bring an unmatched combination of deep intellectual capital, industry-specific expertise, global experience, and collaboration. Since 1871, clients have relied on Marsh for trusted advice, to represent their interests in the marketplace, make sense of an increasingly complex world, and help turn risks into new opportunities for growth. Our more than 30,000 colleagues work on behalf of our clients, who are enterprises of all sizes in every industry, and include individuals, multinational organizations, and government entities worldwide. We embrace a culture that celebrates and promotes the many backgrounds, heritages and perspectives of our colleagues and clients. Visit www.marsh.com for more information and follow us on LinkedIn and Twitter @MarshGlobal
Marsh Risk is a business of Marsh (NYSE: MRSH), a global leader in risk, reinsurance and capital, people and investments, and management consulting, advising clients in 130 countries. With annual revenue of over $27 billion and more than 95,000 colleagues, Marsh helps build the confidence to thrive through the power of perspective. For more information about Marsh Risk, visit marsh.com, or follow us on LinkedIn and X.Marsh is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law.Marsh is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one “anchor day” per week on which their full team will be together in person.