Mercer Chief Information Security Officer (CISO)

We are seeking a talented individual to join our Information and Security team at Mercer. This role will be based in New York, Boston, Dallas, Denver, Houston, Louisville, Morristown, Phoenix, Urbandale in the US, as well as Toronto, Canada, London, and Dublin, Ireland. This is a hybrid role that has a requirement of working at least three days a week in the office.

The Mercer Chief Information Security Officer (CISO) is a business security leadership role responsible for establishing and maintaining the enterprise security vision, strategy, and program within our Mercer business. This leadership role is essential for continuing and improving the Security program to ensure that Mercer’s digital information assets and IT systems are adequately protected against cyber risks and insider threats.

We will count on you to:

• Establish and implement a risk-based strategy and program to enhance the cyber preparedness of Mercer functions.
• Maintain and develop a team of cybersecurity experts to support governance, compliance, and regulatory requirements.
• Collaborate with IT and application owners to track vulnerability remediation across systems, applications, and code.
• Partner with business leadership and application teams to ensure Mercer applications are developed according to the Secure Software Development Life Cycle (S-SDLC) processes.
• Monitor information security trends and keep business leadership informed about potential security-related issues.
• Report risk management metrics to the appropriate Risk Committees and drive related risk mitigation activities.
  
  

What you need to have:

• Proven experience in a senior security leadership role, preferably as a CISO or equivalent.
• Strong understanding of regulatory compliance and risk management frameworks.
• Experience in developing and implementing security policies, standards, and procedures.
• Excellent communication and collaboration skills to work with cross-functional teams.
  
  

What makes you stand out:

• Relevant certifications such as CISSP, CISM, or CISA.
• Experience with cloud security, particularly in GovCloud environments.
• A proactive approach to identifying and mitigating security risks.
  
  

Why join our team:

• We help you be your best through professional development opportunities, interesting work, and supportive leaders.
• We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have an impact for colleagues, clients, and communities.
• Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being.
  
  

Marsh McLennan (NYSE: MMC) is a global leader in risk, strategy and people, advising clients in 130 countries across four businesses: Marsh, Guy Carpenter, Mercer and Oliver Wyman. With annual revenue of $24 billion and more than 90,000 colleagues, Marsh McLennan helps build the confidence to thrive through the power of perspective. For more information, visit marshmclennan.com, or follow on LinkedIn and X.

Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age background, disability, ethnic origin, family duties, gender orientation or expression, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, veteran status (including protected veterans), or any other characteristic protected by applicable law. If you have a need that requires accommodation, please let us know by contacting [email protected].

Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one “anchor day” per week on which their full team will be together in person.

The applicable base salary range for this role is $227,400 to $341,100.

The base pay offered will be determined on factors such as experience, skills, training, location, certifications, education, and any applicable minimum wage requirements. Decisions will be determined on a case-by-case basis. In addition to the base salary, this position may be eligible for performance-based incentives.

We are excited to offer a competitive total rewards package which includes health and welfare benefits, tuition assistance, 401K savings and other retirement programs as well as employee assistance programs.

R_308265