Chief Information Security Officer (CISO) - Information Security Leader

At Mercer, we make a difference in the lives of more than 110 million people every day by advancing their health, wealth, and careers. We're in the business of creating more secure and rewarding futures for our clients and their employees - whether we're designing affordable health plans, assuring income for retirement or aligning workers with workforce needs. Using analysis and insights as catalysts for change, we anticipate and understand the individual impact of business decisions, now and in the future. We see people's current and future needs through a lens of innovation, and our holistic view, specialized expertise, and deep analytical rigor underpin each and every idea and solution we offer. For more than 70 years, we've turned our insights into actions, enabling people around the globe to live, work, and retire well. We embrace a culture that celebrates and promotes the many backgrounds, heritages and perspectives of our colleagues and clients. At Mercer, we say we Make Tomorrow, Today. Visit www.mercer.com for more information and follow us on LinkedIn and Twitter @Mercer.

Mercer LLC and its separately incorporated operating entities around the world are part of Marsh & McLennan Companies, a publicly held company (ticker symbol: MMC).

Summary

The purpose of this role is to be responsible for establishing and maintaining the enterprise vision, strategy and program to ensure that Mercer's physical and digital information assets and technologies are adequately protected. Working with business leadership, Operations and Systems colleagues and the MMC Information Security community, the Mercer Information Security Leader will lead the organization in identifying, developing, implementing and maintaining processes across the organization to reduce information and information technology risks. He or she will establish appropriate standards and controls, indirectly manage security technologies and direct the establishment and implementation of policies and procedures.

Responsibilities

Reporting to the Mercer Chief Information Officer (CIO) and the MMC Chief Information Security Officer (CISO) (dual reporting), and working with business leadership, operations and systems colleagues and the MMC Information Security community, the Chief Information Security Officer (CISO) - Information Security Leader will:

  • Lead, define and implement a risk based strategy and program to manage Mercer's digital and information assets; continuously review and set/update policies to support the program
  • Provide leadership to define and implement a risk based strategy and program to manage our digital and information assets and then continuously review and set/update policies to support the program.
  • Participate in key Operations and Systems operating routines to implement and drive information security risk strategy
  • Work with the Operations and Systems team to ensure Mercer's applications are developed, enhanced and maintained according to the SDLC and associated security guidelines
  • Work with business colleagues to review RFPs, RFIs etc., and provide security and risk-related input into proposals
  • Collaborate with MMC IT Security and Audit colleagues to help define and ensure MMC-wide consistency of security protocols and risk management.
  • Establish appropriate standards and controls, indirectly manage security technologies and direct the establishment and implementation of policies and procedures.
  • Monitor information security trends internal and keeps business leadership informed about information security-related issues and activities potentially affecting the organization


Meet Some of Marsh & McLennan Companies's Employees

Nancy K.

Contract Review Specialist

Nancy reviews the contracts her clients either offer or receive from vendors, taking care to monitor the insurance requirements on the provided services.

James S.

Partnership Certificate Supervisor

As supervisor of the North Central Team, James manages 24 direct reports in an operations environment and encourages high-quality production and professional development.


Back to top