Skip Navigation

Security & Risk Analyst

Location: Warsaw, Poland

Company: Oliver Wyman

Job ID R_055398-en


Oliver Wyman is a global leader in management consulting. With offices in 50+ cities across 26 countries, Oliver Wyman combines deep industry knowledge with specialized expertise in strategy, operations, risk management, and organization transformation. Our 4100+ professionals help clients optimize their business, improve their operations and risk profile, and accelerate their organizational performance to seize the most attractive opportunities. Our clients are the CEOs and executive teams of the top Global 1000 companies. Please visit our website for more


As a trusted member of the Information Technology Services team, the ITS Security & Risk Analyst ensures that information security of Oliver Wyman Group within our infrastructure, applications and business processes is continuously improved.   This includes proactive review and remediation of the current state of ITS security issues, management processes, tools and activities, and providing recommendations for enhancement where appropriate.  Candidates will have broad Information Security skills with a solid understanding of cross functional IT Security areas such as Identity & Access Management, Infrastructure Security, Application Security, Data Protection and experience working with a broader team on security products and services.


  • Identify, document, and assess information security vulnerabilities and risks in the information technology environment
  • Evaluate identified vulnerabilities and risks, working with business owners, risk management, and IT leaders
  • Identify tasks and controls necessary to remediate identified risks and vulnerabilities; negotiate dates for remediation to be complete
  • Monitor appropriate sources for newly identified vulnerabilities, evaluate the risk such vulnerabilities pose to the organization’s information and systems, and advise management of appropriate measures to eliminate or reduce the organization’s risk or exposure to such vulnerabilities
  • Monitor appropriate industry sources to maintain awareness of new security tools and techniques and research those tools and techniques that have the potential to improve the organization’s ability to protect its information and infrastructure
  • Lead or participate in the development of security standards, processes, and procedures
  • Work with responsible teams to develop mitigation plans and ensure vulnerabilities are addressed and remediated effectively and efficiently
  • Provide security consulting and technical assistance with the evaluation, selection, initial set-up and secure deployment of new IT systems
  • Follow up with compliance tasks related to policies, standards and procedures
  • Coordinate communication with various stakeholders and provide general support on risk & security related issues


  • Strong technical knowledge of information security principles, including risk assessment and management, Cyber security defenses, application security, operating system hardening,  threat and vulnerability management, encryption,  and identity and access management
  • Knowledge of Directory Services (LDAP, AD) and Internet/Intranet architecture and design
  • Ability to weigh business risks and enforce appropriate information security measures; excellent documentation and presentation skills; ability to explain information security concepts to audiences outside of the field
  • Proven ability to examine, improve and execute the organization's existing security risk assessment processes and procedures
  • Excellent written and verbal communication skills.
  • SharePoint and advanced excel skills a plus
  • Excellent planning and organizational skills.
  • Excellent customer\client service orientation
  • Polished and professional demeanor
  • Occasional travel to other offices and firm events


  • Minimum 3 years of experience in information security experience

  • A Bachelors’ degree in Computer Science, MIS, business or equivalent experience is required.  
  • Security Certification (e.g. CISSP) a plus
  • .NET programming, Powershell or Java scripting a major plus

Please send us your CV in English

Oliver Wyman is an equal opportunity employer and a wholly owned subsidiary of Marsh & McLennan Companies. To learn more, please follow us on Facebook, LinkedIn or Twitter: @OliverWyman

Apply Later
  • Stay Connected

    Join our Talent Community and receive information on future opportunities.

    Sign Up

  • Saved Jobs

    You have not saved any jobs.

    See All Saved Jobs

  • Mercer Campus Careers

    Mercer offers many exciting and fruitful internship and entry-level positions.

    Learn more here

  • Leadership Recognition

    Dan Glaser, President and CEO, has been named to Institutional Investor magazine’s 2017 All-America Executive Team ranked as the #3 Overall CEO in the insurance industry, #3 with buy-side analysts and #2 with sell-side analysts.

  • Careers at Marsh & McLennan Companies