Company: MercerDescription:Mercer is seeking candidates for the following position based in Melbourne, Sydney, Brisbane, or Adelaide.Specialist - Mercer Information SecurityAre you a graduate with at least two years of experience in the Information Security or Information Technology space? Then we may have the perfect opportunity for you!What can you expect?
- Mercer Information Security is looking for an Information Security Specialist with experience or interest in Application Security Architecture to play a role in ensuring the security of Mercer's application systems.
- As part of a Global Information Security team, you will work closely with application, infrastructure, operations, and other technical teams to review and deliver secure application systems. Reporting to Mercer's Application Security Architect Lead, you will be the dedicated Information Security resource supporting the Pacific business.
- Benefits - including a generous Pension contribution, Private Medical Insurance, Life and Health cover.
- An extensive suite of flexi benefits, which include a discounted gym membership, cycle scheme, Dentist & Doctor.
- In addition, we also give all our colleagues one paid day each year to perform volunteer work at a non-profit organization.
- Discretionary Bonus, Corporate Discounts & flexible/remote working within a hybrid role.
- Employee and company sponsored training allowing you to keep abreast of current. technologies - we feel it’s important that we always strive to expand, grow and learn.
- Flexible work opportunities for work/life balance.
- A culture of internal mobility, diversity, inclusion, and collaboration.
- The chance to join an evolving, highly skilled Global team.
- Support Mercer Information Security strategies and fundamentally ensure the security of the information Mercer is entrusted to protect.
- Review and provide security recommendations for Information Technology (IT) initiatives.
- Engage in new and existing application projects to provide guidance and direction for aspects of Marsh McLennan’s Secure Software Development Life Cycle (SSDLC).
- Work with business and IT to create data flow diagrams.
- Assist with assessing and remediating BitSight Security Score findings.
- Assist in the identification, prioritization, and remediation of application vulnerabilities.
- Support and provide remediation guidance for application vulnerabilities and other security risks.
- Assist with enhancing Mercer's Information Security Program, client security requests, audits, risk exceptions, and questionnaires.
- Integrate Mercer's security framework with Marsh McLennan policies.
- Basic understanding of application coding practices, terminology, and remediation techniques for OWASP top 10 and SANS top 25 are required.
- A bachelor’s degree or equivalent work experience in computer science, information systems, informatics, cybersecurity, or a related field.
- Two plus years of experience in a technical Information Technology (IT) or Information Security role, with experience in IT engineering, networking, and/or system implementation.
- Exceptional technical acumen, with a deep understanding of IT systems, emerging technologies, and cybersecurity practices.
- Experience with adding security to the CI/CD pipeline.
- Ability to remain current on security industry trends, attack techniques, mitigation techniques, security technologies, and new and evolving threats.
- Experience remediating findings found by cybersecurity rating firms.
- Excellent interpersonal skills and ability to leverage cross-functional teams to drive changes in a complex environment.
- Strong oral and written communication skills.
- SANS training/certifications and CISSP are preferred.
- Experience with cloud computing environments.