The Senior Information Security Specialist role reports into the Head of Information Security at Darwin. The successful candidate will be a self-starter with a wealth of experience having developed into the role of a specialist from other similar roles.
As Senior Information Security Specialist you will:
be helping guide and would the less experienced members within the team and sharing your experience and skills through the daily BAU tasks.;
support the delivery of security initiatives and assist in driving improvements to the ISMS as a whole;
be an SME to other teams on all matter's security as well as interface with clients to provide assurance on the security controls implemented as well as their effectiveness of said controls;
have great interpersonal skills and the ability to work across multiple disciplines with some general knowledge of business and the commercial aspects of how Information Security contributes to continued revenue generation processes;
willing to be flexible with work (peak periods might require some unscheduled hours) albeit adhering to the normal working hours most of the time.
have had some exposure and experience of working with an ISMS (Preferably the ISO 27001) to achieve the desired goal of certification.
What is in it for you?
An opportunity to work in a fast-growing, innovative company with lots of room for progression and career growth;
A fail-friendly environment that encourages learning and initiative;
A yearly budget and the opportunity to build your flexible benefits package (up to 20% of your annual salary);
30+ days off (25 legal days off, 1 extra day off on your birthday, public holiday replacement days, extra buy/sell from your benefits budget);
Performance Bonus scheme;
Matching charity contributions, charity days off, and the Pay it Forward charity challenge;
Core benefits - Pension, Life and Medical Insurance, Meal Vouchers, Travel Insurance;
We champion flexible working, and our mission is to help you find YOUR work-life balance, whether that's standard working, flex-time working, or working from home;
What you need to have:
Excellent verbal and written communication skills in Romanian and English ensuring effective and professional communication with stakeholders;
Excellent understanding of security techniques and Info Sec principles
4 + years exposure or experience of dealing with and managing an ISMS;
Detailed knowledge of facilitating external audits, and running and leading internal audits;
Ability to understanding technical documentation and the translation of said information into easy to assimilate language for non-technical audience;
Thorough understanding and first-hand experience of carrying out risk assessments as well as managing risk;
Ability to develop, maintain and continually review technical security documentation (policies, processes & procedures);
Self-motivated and proactive, consistently delivering high-quality work with minimal supervision;
Strong analytical and problem-solving abilities, coupled with meticulous attention to detail, enabling the identification and resolution of complex issues;
Broad understanding of technology functions;
Desired certification
CISSP/CISM
CISA/ISO 27001 Lead Auditor
ISO 27001 Lead Implementer
Information Security Risk Management
We will count on you to:
Assume responsibility for team with respect to BAU and leadership where required,;
Lead in projects and act as an SME to clients and internal stakeholders,;
Work closely with technical teams to manage vulnerabilities;
Managing over all IS risks through defined corrective actions.
Here at Darwin, we do not just get the job done, we go the extra mile. We strive to achieve one extra degree in all we do. We can do this because we have amazing people who do awesome things. Wherever we are in the world we inspire connections and take great care to make working at Darwin a rewarding and meaningful career experience.
Founded over 20 years ago, Darwin's Technologies main ambition was to change the world of benefits. Fast forward to the present day and it is leading the way as a cornerstone benefits technology product in the Marsh Mc Lennan, (MMC), Tech portfolio. MMC are now building out their EMEA Technology Hub in Cluj, Romania.
MMC is a global professional services firm, headquartered in New York City with businesses in insurance brokerage, risk management, reinsurance services, talent management, investment advisory, and management consulting. It comprises the businesses of Marsh, Mercer, Guy Carpenter, JLT, Oliver Wyman and Darwin.
The regional hub will contain teams of Application Developers, Business Analysts, Project/Program Managers and other technology roles that require time zone overlap with clients in EMEA. As a regional hub we are equipped to scale our vast technical expertise through a variety of outputs, while helping to unleash our potential as one company, to effectively meet today's emerging challenges through the brilliant technology we build and deliver together.
Mercer believes in building brighter futures by redefining the world of work, reshaping retirement and investment outcomes, and unlocking real health and well-being. Mercer’s more than 20,000 employees are based in 43 countries and the firm operates in over 130 countries. Mercer is a business of Marsh Mc Lennan (NYSE: MMC), the world’s leading professional services firm in the areas of risk, strategy and people, with more than 85,000 colleagues and annual revenue of over $23 billion. Through its market-leading businesses including Marsh, Guy Carpenter and Oliver Wyman, Marsh Mc Lennan helps clients navigate an increasingly dynamic and complex environment. For more information, visit mercer.com. Follow Mercer on Linked In and X.
Marsh Mc Lennan is committed to creating a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, disability, ethnic origin, family duties, gender orientation or expression, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law.
As a company, we are committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections, and professional development benefits of working together in the office. Our teams will jointly identify at least one “anchor day” per week on which the full team will be together in person. This unwavering policy is carefully crafted to enhance team unity, inspire creativity, foster meaningful interactions between our colleagues, and help build our culture and local communities.