Information Security Engineer

Information Security Engineer Mercer

Location: Remote/USA

Mercer is seeking a passionate information security engineer to help protect data, identities and applications in our global organization.

What can you expect?

• Secure Marsh & McLennan and Mercer applications
• Provide design, engineering, implementation, and production support for MMC Data Protection Platforms (Encryption & Key Management, SecureData, and Thales/Vormetric) and Mercer Identity Security Solutions (OKTA, ADFS, SSO, MFA)
• Provide platform support for security testing tools

What is in it for you?

• Career Growth in a company where performance is rewarded with new opportunities
• Competitive salaries and comprehensive benefits and programs including: health and welfare, tuition assistance, 401K, employee assistance program, domestic partnership benefits, career mobility, employee network groups, volunteer opportunities, and other programs
• High visibility internally and externally

We will count on you to:

• Provide design, engineering, implementation, and production support for MMC Data Protection Platforms (Encryption & Key Management, SecureData, and Thales/Vormetric) and Mercer Identity Security Solutions (OKTA, ADFS, SSO, MFA
• Provide platform support for security testing tools, like Whitehat, Synopsis Blackduck, Burpsuite.
• Conduct and manage data security assessments/reviews of applications
• Identify potential security vulnerabilities, determining what controls are necessary to protect the data, determining effectiveness of existing controls and to design and implement additional controls as needed
• Work with Application and Data Owners to utilize cryptographic data security tools to encrypt, tokenize, and data mask to protect and minimize risk for sensitive data.
• Help establish and review API Security configuration standards and controls
• Research and test new technologies and solutions related to data & identity protection and application security testing tools

What you need to have:

• Bachelor's or Master's degree in Business Administration, Information Technology, Computer Science, or related field
• At least 8-10 years of professional experience in Information Technology with at least 5-6 years in Information Security
• Working knowledge in all areas of technology (infrastructure, applications, SDLC, end-user platforms and IT Operations)
• Experience with encryption, identity management, AuthN/Z systems and API Security
• Experience with at least 2 of the following, enterprise key management, encryption, CIAM, Identity and Access Management, SSO, and MFA
• Experience working with cloud technologies such as AWS/Azure
• Advanced interpersonal communications skills including superior writing and verbal skills
• A drive to learn new technologies and adapt to an ever-changing technology landscape

Preferred to have:

• Experience deploying enterprise data protection solutions (Thales Vormetric, Microfocus SecureData (Voltage), TDE.
• 3+ years securing data in the cloud (AWS, Azure, SDFC)
• 4+ years with CIAM (Ex. IGA, OKTA, Ping, ADFS, RSA or similar such as Sailpoint or Forgerock)
• Experience in scripting, and automation
• Extensive experience with encryption, identity management, AuthN/Z systems and API Security
• Experience in managing small to medium complex projects

Other requirements (licenses, certifications, specialized training)

• Working knowledge of Data Protection technologies and solutions.
• Candidates will be responsible for participating in 24x7 support and on-call rotation.
• IT Security and training preferred. (CISSP, CEH, SANs training)

Nice to have: Experience with Data Regulations, GDPR, NYDFS, CCPA etc.

At Mercer, we make a difference in the lives of more than 110 million people every day by advancing their health, wealth, and careers. We are in the business of creating more secure and rewarding futures for our clients and their employees whether we are designing affordable health plans, assuring income for retirement or aligning workers with workforce needs. Using analysis and insights as catalysts for change, we anticipate and understand the individual impact of business decisions, now and in the future. We see people's current and future needs through a lens of innovation, and our holistic view, specialized expertise, and deep analytical rigor underpin each idea and solution we offer. For more than 70 years, we have turned our insights into actions, enabling people around the globe to live, work, and retire well. We embrace a culture that celebrates and promotes the many backgrounds, heritages and perspectives of our colleagues and clients. At Mercer, we say we Make Tomorrow, Today. Visit www.mercer.com for more information, follow us on LinkedIn, and Twitter @Mercer

Marsh & McLennan Companies offers competitive salaries and comprehensive benefits and programs including health and welfare, tuition assistance, 401K, employee assistance program, domestic partnership benefits, career mobility, employee network groups, volunteer opportunities, and other programs. For more information about our company, please visit us at http://www.mmc.com/. We embrace a culture that celebrates and promotes the many backgrounds, heritages and perspectives of our colleagues and clients. For more information, please visit us at: www.mmc.com/diversity.

Mercer LLC and its separately incorporated operating entities around the world are part of Marsh & McLennan Companies, a publicly held company (ticker symbol: MMC).

Marsh & McLennan Companies and its Affiliates are EOE Minority/Female/Disability/Vet/Sexual Orientation/Gender Identity employers.