Job Profile: Manager, Cyber Risk Consulting, Marsh
Location: Mumbai
MMC Business Unit: Marsh
MMC Office Name: Marsh McLennan Global Services India Private Limited (MMGS)
MMGS Function: Knowledge Services
Marsh is a global leader in insurance broking and risk management. In more than 130 countries, our experts in every facet of risk and across industries help clients to anticipate, quantify, and more fully understand the range of risks they face.
Marsh Advisory is the consultative branch of Marsh, which operates internationally and provides solutions in the increasing needs of our clients to implement risk management programs within their organization.Marsh Advisory helps companies to change their risk profiles so they can improve resiliency, reduce claims, and minimize the total cost of risk. Businesses today regularly tackle multiple challenges; whether facing property and casualty, cyber, reputational, or other risks, Marsh Advisory can help.
The global Cyber Risk Consulting (CRC) practice of Marsh Advisory supports customers to understand, estimate and mitigate cyber risks. This role is open in Marsh McLennan Global Services (MMGS) a global in-house center for MMC Group. The MMGS in Mumbai has a function called ‘Knowledge Services’ which supports the MMC group by providing specialized services. Under the Knowledge Services function, there is Marsh Advisory team, which supports the global clients and colleagues, this role will initiate a new service line for Marsh Advisory team in Mumbai, which entails supporting the CRC colleagues in execution of the cyber consulting projects.
What can you expect?
Collaborate with the CRC practice in India, Middle East and Africa (IMEA) for delivery of the practice's value proposition in the regions.Provide complete support to delivery of the desired deliverables as per the agreed scope of work with the client, and provide an efficient delivery model for Marsh CRC practicePlay a key role in leading the delivery of multiple CRC projectsResponsible for review and training of junior colleagues to ensure the deliverable is as per the expected quality framework.Moderate travel within India, Middle East, and Africa (IMEA) region for client engagements and collaboration with the CRC practice.We will count on you to:
Support the IMEA CRC practice, and be hands-on in delivery of the consulting projects and mentor the junior colleagues in their projectsPrepare deliverables for cyber consulting practice under the guidance of the CRC practiceConduct research on the clients cybersecurity risk areas and prepare a point of view for consultingSupport the team towards constant innovation of cybersecurity approach and go-to-market strategyQuick learner of the CRC practices’ procedures and policies, and is able to explain the same to non-technical clients/colleaguesUnderstand different domains within cybersecurity space and demonstrate passionIs on track to build specialization to demonstrate specialist knowledge in cybersecurity Contribute in research support for building a robust CRC practice deliverablesWill be responsible to maintain key project track record and detailed process documentationsDelivery of the projects would be done either remotely or onsite depending on the client requirementAbility to motivate the team members and take the high road to ensure client successBuild proposals and pitch to potential clients, including developing compelling presentations and effectively communicating the value proposition of the Cyber Risk Consulting practice.What you need to have:
The candidate must possess the following attributes:
Post Graduate or equivalent from an institute of repute5 to 7 years professional experience in cybersecurity consulting domain in Big 4 or boutique firms;At least one of the following Professional cyber security certifications (e.g. CISA, CISSP, ISO LA/LI or Security+) would be mandatory;Expertise in ICT security principles and controls. Candidate should ideally have hands on experience in conducting Cyber risk assessments, designing cyber security framework (including policies, procedures), ISO/IT GRC implementations, audits, license management, vendor risk management, DLP, IRM, compliance management, user awareness trainings and data privacy.Knowledge on Cyber Security standards / regulations. E.g. COBIT, NIST, ISO, GDPR, RBI Guidelines etc.Experience in IT Disaster Recovery Management.Operational or emerging technologies knowledge is a plus.Ability to develop quality reports, presentations, project trackers.Should be proficient in Ms. Office applications such as Word, PowerPoint, and Excel. Basic knowledge in Project, Teams, and Visio.Effective communicator who is able to share insights with clients/stakeholdersStrong analytical problem solving skills and experienceSmart, collaborative, relationship and outcome focused with the ability to make decisions where ambiguity exists;Ability to demonstrate sound judgment in the prioritization of competing work assignments, escalation of issues and the formulation of solutions;Effective organization skills with key attention to detail and delivery of high quality documentation with the ability to implement/influence change;Strong sense of business ethics and principles;Graduate degree in Computer Science, Engineering or Business Administration.Excellent English language skills, both verbal and written with the ability to communicate technical matters to a non-technical audience.Fluency in additional foreign languages constitutes an advantage.What is good to have:
Experience in data governance/data privacyExperience of internal or external IT auditOT/ICS Cybersecurity knowledgeKnowledge of technical assessments (VA/PT, WAPT, Config. Review etc.)Experience with developing cyber security strategiesExperience in Ms. Visio, Ms. ProjectFluency in foreign language constitutes an advantage. Marsh, a business of Marsh McLennan (NYSE: MMC), is the world’s top insurance broker and risk advisor. Marsh McLennan is a global leader in risk, strategy and people, advising clients in 130 countries across four businesses: Marsh, Guy Carpenter, Mercer and Oliver Wyman. With annual revenue of $24 billion and more than 90,000 colleagues, Marsh McLennan helps build the confidence to thrive through the power of perspective. For more information, visit marsh.com, or follow on LinkedIn and X.
Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law.
Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one “anchor day” per week on which their full team will be together in person.