Oliver Wyman - Security Controls & Risk Analyst - Warsaw

1 day ago – Be among the first 25 applicants

Join to apply for the Oliver Wyman - Security Controls & Risk Analyst - Warsaw role at Oliver Wyman

No two Oliver Wyman projects are the same. You’ll be working with varied and diverse teams to ensure security is baked‑in from the start. As an IT Security & Risk Analyst you will work with our business to drive and improve our security and compliance posture. Your work will range from advising on internal projects and initiatives, driving improvements on audit remediation tasks, to responding to ad‑hoc security requests from our colleagues. This role sits in our Information Technology Services team – whose mission is to support Oliver Wyman Group’s goals through excellent design, development and the application of innovative technology.

Key Tasks and Responsibilities

• Support IT projects and initiatives, driving security through participation in the full lifecycle including oversight, compliance with required data classification security controls, research, solution proposal, technical and administrative tasks and other controls as required by information security policy and procedures.
• Identify tasks and controls necessary to remediate identified risks and vulnerabilities and negotiate remediation dates with business owners.
• Assist in designing and developing supporting frameworks and tools for the ITS Security Controls & Risk Group and for compliance and risk projects.
• Support preparation and remediation activities for Oliver Wyman Group audits, including researching the status of specific controls and determining compliance levels against company policies and procedures, and guide stakeholders to meet security and compliance levels.
• Ensure privacy, risk and compliance requirements are addressed in project scope and deployment for assigned projects.
• Monitor sources for newly identified vulnerabilities, analyse risk, and appropriately escalates to management.
• Assist with assigned risk and control activities such as logical security initiatives, access reviews and privacy compliance requirements, tracking issues and action items, and documenting progress across security & risk initiatives.
• Carry out any other tasks given by the Line Manager within the scope of the job to ensure effective delivery and development of the service.

Who we are looking for

• You are a well‑rounded technologist with a strong desire to drive security change.
• Minimum 3 years’ experience in information security.
• A bachelor’s degree in Computer Science, MIS, business or equivalent experience. An advanced degree is a plus.
• IT Security and Risk Certifications (e.g., CISSP, CISM, CRISC) are an advantage.
• Experience in information systems auditing is a plus.

Skills and Credentials

• Good technical knowledge of information security principles including risk assessment, administrative security controls, identity and access management, cybersecurity defences, encryption, application security, and compliance with privacy law and other regulations.
• Ability to weigh business risks and enforce appropriate security measures, with good documentation and presentation skills.
• Knowledge of project development lifecycle, secure development lifecycle, and ability to assess architectural documents for risks, vulnerabilities and threats.
• Excellent written and verbal communication skills.
• Fluent English.
• Planning and organizational skills.
• Customer/client service focus.
• Polished and professional demeanor.

We Offer

• Full‑time contract with an attractive compensation package.
• Selection of benefits (e.g., private health care, insurance, sport card, lunch card, gift card, savings plan, pension plan).
• Opportunity for professional growth in a stable, global company.
• Access to mentoring and training programs.
• Inclusive culture with Colleague Resource Groups and CSR activities.
• Diverse and dynamic teams, a friendly and flexible workplace promoting work‑life balance.
• Fresh fruit, beverages and snacks while working in our modern office near the city center.

Employment Details

• Seniority level: Not applicable.
• Employment type: Full‑time.
• Job function: Finance and Sales.
• Industries: Insurance and Business Consulting and Services.

R_324278

Marsh McLennan is committed to creating a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, disability, ethnic origin, family duties, gender orientation or expression, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law.

Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office‑based teams will identify at least one “anchor day” per week on which their full team will be together in person.

Oliver Wyman, a business of Marsh McLennan (NYSE: MMC), is a management consulting firm combining deep industry knowledge with specialized expertise to help clients optimize their business, improve operations and accelerate performance. Marsh McLennan is a global leader in risk, strategy and people, advising clients in 130 countries across four businesses: Marsh, Guy Carpenter, Mercer and Oliver Wyman. With annual revenue of $24 billion and more than 90,000 colleagues, Marsh McLennan helps build the confidence to thrive through the power of perspective. For more information, visit oliverwyman.com.