Specialist - Cloud Security

Description:

Cloud Security Specialist

We are seeking a Cloud Security Specialist to join our team at MMC. This role will be based in Mexico City. This is a hybrid role that has a requirement of working at least three days a week in the office. As a Cloud Security Specialist at Marsh, you will focus on ensuring robust security practices across Application Security, Cloud Security, Acquisition Security, Tech Debt Remediation, and Security Escalations. This role is crucial for maintaining compliance with security standards while addressing risks and vulnerabilities associated with MMC technology assets.

We will count on you to:

Application Security:

• Support the Secure Software Development Lifecycle (SSDLC) by educating development teams on secure coding practices and integrating security checks throughout the development process.
• Assist with onboarding and configuration of security testing tools for new and existing applications.
• Analyze and triage security findings from security testing, providing actionable remediation guidance and tracking vulnerabilities to closure.
• Collaborate with teams to monitor exposed secrets in code repositories and implement practices to prevent hard-coded secrets.

Cloud Security:

• Continuously monitor and assess the security posture of cloud environments, identifying and remediating vulnerabilities and compliance issues.
• Collaborate with engineering teams to implement cloud-native security measures and best practices.
• Work with cloud platform owners to remediate misconfigurations and update permissions as necessary.

Acquisition Security:

• Conduct technical risk assessments of potential acquisition targets to ensure alignment with MMC’s security standards.
• Collaborate with acquisition IT teams to validate security measures and develop plans for integrating new systems into OWG's security framework.
• Manage temporary access requests for vendors and technologies during the integration process.

Tech Debt Remediation:

• Evaluate technical debt related to legacy security controls and work alongside application and infrastructure teams to create upgrade plans.
• Ensure all remediation actions are documented and tracked to maintain audit readiness.

Security Escalations:

• Serve as the primary point of contact for escalated security incidents related to this role, coordinating effective responses.
• Track remediation activities for critical and high-severity issues, ensuring timely resolution in accordance with established SLAs.
• Prepare reports for leadership on the status of escalated issues and ongoing remediation efforts.

Compliance and Reporting:

• Maintain documentation of security assessments, findings, and remediation actions to support compliance audits.
• Generate reports summarizing security metrics, incidents, and compliance status to keep stakeholders informed.

What you need to have:

• Experience: 4-5 years in cybersecurity, with a focus on application security, cloud security, and risk management.
• Expertise in application security practices and monitoring tools
• Strong understanding of cloud security best practices and risk management frameworks.
• Analytical Skills: Ability to evaluate complex security issues and provide clear, actionable remediation strategies.
• Advanced Level of English is a Must

What makes you stand out:

• Detail-Oriented: Meticulous in identifying security risks and ensuring compliance with security standards.
• Collaborative Mindset: Effectively work with cross-functional teams and engage with stakeholders at all levels.
• Proactive Problem Solver: Committed to identifying opportunities for improvement and implementing innovative security solutions.

Why join our team:

• We help you be your best through professional development opportunities, interesting work and supportive leaders.
• We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities.
• Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being.

Marsh McLennan (NYSE: MMC) is a global leader in risk, strategy and people, advising clients in 130 countries across four businesses: Marsh, Guy Carpenter, Mercer and Oliver Wyman. With annual revenue of $24 billion and more than 90,000 colleagues, Marsh McLennan helps build the confidence to thrive through the power of perspective. For more information, visit marshmclennan.com, or follow on LinkedIn and X.

Marsh McLennan is committed to creating a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, disability, ethnic origin, family duties, gender orientation or expression, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law.

Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one “anchor day” per week on which their full team will be together in person.