IT Security Policy Specialist – Security Policy Specialist

Job Expired

About the job

MMC Technology’s Global Information Security (GIS) team is seeking an experienced Security Policy Specialist that will develop the next generation of security policies for the firm. This role will re-write and transform a myriad of legacy security policies into simplified, cohesive, easy to understand policies that in turn can be connected to other important processes such as DevSecOps procedures. Responsible for ensuring the policies are very well written, understandable at all levels and translatable into actionable tasks for project teams. Separate policy language from standards and/or procedural language into discreet documents that can be cross referenced. Policies will be comprehensibly written and correlate with the NIST Cybersecurity Framework. The individual will interact with various Information Security subject matter experts to develop the policies as well various other teams to integrate the new policies into other important processes and procedures. Participate and contribute to an MMC Tech policy council to ensure we have an effective feedback loop and policies are efficient and standardized.


  • Review, consolidate, simplify, and re-write existing policy documents into Policy and Standards documents.
  • Evolve, plan, and manage improvement to policies and standards through business unit feedback loops and annual plans.
  • Effectively communicate and manage policy changes/updates through engagement into Policy council.


  • Work against aggressive timescales to re-write the policy.
  • Provide innovative ideas and ways to streamline various policies.
  • Address all policy issues and questions within Marsh & McLennan across various business units.
  • Consult with project teams as needed to ensure adherence and alignment to policies.
  • Develop and maintain a security trust center for all colleagues to easily find commonly requested information for themselves or their clients.
  • Ensure policies align to NIST Cybersecurity Framework.
  • Ensure policies meet local and regional regulatory requirements.
  • Review and monitor domestic and international privacy laws to determine impact to existing policies.


  • Experience and ability to understand and translate complex cybersecurity requirements and NIST language into clear, organized, easy-to-understand, well-written policies and standards.
  • Experience in writing and maintaining information security policies for a large multi-national organization.
  • Excellent technical writing skills (English).
  • Knowledge of Federal, state, and local laws, regulations, policies, and ethics as they relate to Cybersecurity and privacy.
  • Ability to succeed in a global environment and collaborate cross-functionally.
  • Detail oriented with ability to review and comment on policies, contracts, and agreements.
  • Self-starter that requires little or no supervision to perform their daily tasks.
  • Background in information security systems.
  • Strong industry knowledge of the regulatory requirements for financial & insurance-based organizations.
  • Undergraduate degree in Computer Science (CS), Computer Information Systems (CIS), other related degrees, or equivalent experience
  • Knowledge of other common industry cybersecurity standards and best practices (e.g., NIST CSF, ISO-27000)
  • 8+ years working within Global Information Security teams.
  • 5+ years working on Global Cybersecurity Projects and Project Teams.


  • Proven track record of delivering on projects with bold timelines.
  • Performed a wide range of Cybersecurity roles in the past.


  • Great culture, talented team, great leadership
  • Standard MMC Salary Package
  • Standard MMC Colleague Benefits
  • Work in a diverse culture and global team
  • Grow in culture focused on training and mentoring

Marsh & McLennan (NYSE: MMC) is the world’s leading professional services firm in the areas of risk, strategy and people. The Company‘s 76,000 colleagues advise clients in over 130 countries. With annualized revenue approaching $17 billion, Marsh & McLennan helps clients navigate an increasingly dynamic and complex environment through four market-leading businesses. Marsh advises individual and commercial clients of all sizes on insurance broking and innovative risk management solutions. Guy Carpenter develops advanced risk, reinsurance and capital strategies that help clients grow profitably and pursue emerging opportunities. Mercer delivers advice and technology-driven solutions that help organizations meet the health, wealth and career needs of a changing workforce. Oliver Wyman serves as a critical strategic, economic and brand advisor to private sector and governmental clients. For more information, visit, follow us on LinkedIn and Twitter @mmc_global or subscribe to BRINK.

Marsh & McLennan Companies and its Affiliates are EOE Minority/Female/Disability/Vet/Sexual Orientation/Gender Identity employers.

More Information

  • This job has expired!

Leave your thoughts

Share this job