Application Security Architect – Mercer

Job Expired

About the job

Location: United States: San Antonio, Austin, Dallas, NYC, Chicago, Houston, Louisville, Minneapolis and Warsaw: Prosta, Emilii NC, and Jerozolimskie

What can you expect?

The Application Security Architect will participate in the secure software development lifecycle of Mercer applications. He or she will be part of the Mercer Information Security team, and will collaborate with other IT teams including operations, infrastructure, and application development. This person will report to Mercer’s Lead Application Security Architect.

What is in it for you?


  • A company with a strong brand and strong results to match.
  • Culture of internal mobility, collaboration and valued partnerships.
  • Competitive pay (salary and performance bonus potential).
  • Full benefits package – starting day one (medical, dental, vision, life insurance, 401k match AND contribution).

We will count on you to:


  • Engage in new and existing application projects to provide guidance and direction with regard to all aspect of the SSDLC.
  • Assist in the identification, prioritization, and remediation of application vulnerabilities.
  • Leverage industry standard tools to map and model the application architecture and traffic flow to predetermine areas of focus for improving security and reducing risks.
  • Solution compensating controls and mitigation strategies to reduce technical and business risk with regard to application security and data protection.
  • Enhance and/or develop KPI reports showing remediation effectiveness and risk reduction.
  • Assist with other application security programs as needed.
  • Help define and continuously improving application vulnerability product and technology roadmaps.
  • Research industry best practices and maintain technical expertise to remain relevant in the industry.
  • Participate in the computer incident response team as required by providing Tier III support as needed to mitigate security incidents.

What you need to have:


  • A vast and diverse understanding of application coding practices, terminology, and remediation techniques for OWASP top 10 and SANS top 25 are required.
  • Bachelor degree in computer sciences or information secure or 4 years or more in information security, with exposure/knowledge of application vulnerability management
  • Experience with adding security to the CI/CD pipeline
  • Extensive deciphering and analysis of DAST and SAST findings
  • Ability to remain current on security industry trends, attack techniques, mitigation techniques, security technologies and new and evolving threats
  • Excellent interpersonal skills and ability to leverage cross-functional teams to drive changes in a complex environment
  • Strong oral and written communication skills
  • SANS training/certifications and CISSP preferred

What makes you stand out:

Relevant postgraduate and / or professional qualification

Relevant technical certifications

About us:

Mercer believes in building brighter futures by redefining the world of work, reshaping retirement and investment outcomes, and unlocking real health and well-being. Mercer’s more than 25,000 employees are based in 44 countries and the firm operates in over 130 countries. Mercer is a business of Marsh McLennan (NYSE: MMC), the world’s leading professional services firm in the areas of risk, strategy and people, with 76,000 colleagues and annual revenue of $17 billion. Through its market-leading businesses including Marsh, Guy Carpenter and Oliver Wyman, Marsh & McLennan helps clients navigate an increasingly dynamic and complex environment. For more information, visit Follow Mercer on Twitter @Mercer.

Mercer is an equal opportunity employer committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people regardless of their sex (including intersex), marital/parental status, ethnic origin, nationality, age, background, disability, sexual orientation and gender identity.


More Information

  • This job has expired!

Leave your thoughts

Share this job