Specialist - Cyber Risk

We are seeking a talented individual to join our Risk Consulting at Marsh Risk,a business of Marsh. This role will be based in Mumbai. This is a hybrid role that has a requirement of working at least three days a week in the office.

We will count on you to:

• Conduct red team exercise including social engineering assessments.
• Monitor dark web for potential cyber threats, data leaks and emerging cyber risks.
• Collaborate with cross-functional teams to develop and implement security measures based on findings.
• Stay updated with the latest cybersecurity trends, tools, and threat intelligence.
• Support and actively participate in Governance, Risk Management, and Compliance (GRC) initiatives.
• Support the CRC team in research, data collection, and analysis related to cybersecurity risk areas.
• Assist in preparing presentations, reports, and other client-facing deliverables under supervision.
• Learn and apply CRC practice procedures and policies, and help communicate these concepts to non-technical stakeholders.
• Contribute to innovation efforts by sharing fresh ideas and supporting go-to-market strategies.
• Build understanding of various cybersecurity domains and demonstrate eagerness to learn and grow in the field.
• Help maintain project documentation, trackers, and support administrative tasks related to project delivery.
• Collaborate effectively with team members and contribute positively to team dynamics.
• Build proposals and pitch to potential clients, including developing compelling presentations and effectively communicating the value proposition of the Cyber Risk Consulting practice.

What you need to have:

• Recently completed a Masters degree in Computer Science, Information Technology, Cybersecurity, Engineering, Business Administration, or a related field.
• Strong knowledge of network protocols, operating systems (Windows, Linux, Unix), and security technologies.
• Experience with penetration testing tools such as Metasploit, Burp Suite, Nmap, and others along with strong understanding of their impact on IT environments.
• Strong interest in cybersecurity and risk consulting with a willingness to learn and develop specialist knowledge.
• Basic understanding of cybersecurity concepts, frameworks, and standards (e.g., OWASP, NIST, ISO, GDPR) is a plus.
• Familiarity with data analytics and visualization tools such as Power BI.
• Ability to work independently and as part of a team in a fast-paced environment.
• Understanding of GRC frameworks and willingness to engage in related projects.
• Good research, analytical, and problem-solving skills.
• Proficiency in Microsoft Office applications such as Word, PowerPoint, and Excel.
• Effective verbal and written communication skills in English, with the ability to explain technical concepts clearly.
• Ability to work collaboratively in a team environment and manage multiple tasks efficiently.
• Self-motivated, detail-oriented, and eager to take initiative

What makes you stand out

• Prior internship or project experience related to cybersecurity, IT risk, or consulting.
• Familiarity with cybersecurity tools or technical assessments (e.g., vulnerability scanning, penetration testing) is advantageous.
• Bug bounties record.
• Vulnerability publications including CVEs.
• Experience in developing accelerators for delivery efficiency.
• Operational or emerging technologies knowledge is a plus.
• Experience with DevSecOps and integrating security into CI/CD pipelines.
• Knowledge of compliance frameworks and regulatory requirements.
• Experience with threat modeling and vulnerability management programs.
• Basic knowledge of data privacy, IT audit, or governance frameworks.
• Exposure to project management tools such as Microsoft Project or Visio.
• Additional language skills beyond English

Why join our team:

• We help you be your best through professional development opportunities, interesting work and supportive leaders.
• We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities.
• Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being.

Marsh (NYSE: MRSH) is a global leader in risk, reinsurance and capital, people and investments, and management consulting, advising clients in 130 countries. With annual revenue of over $24 billion and more than 90,000 colleagues, Marsh helps build the confidence to thrive through the power of perspective. For more information, visit corporate.marsh.com, or follow us on LinkedIn and X.

Marsh is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people regardless of their sex/gender, marital or parental status, ethnic origin, nationality, age, background, disability, sexual orientation, caste, gender identity or any other characteristic protected by applicable law.

Marsh is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one anchor day per week on which their full team will be together in person