How much salary can I expect as a Senior Manager - IT Security Operations in Marsh McLennan in Gurgaon/Gurugram?

You can expect a minimum salary of 0 INR. The salary offered will depend on your skills, experience and performance in the interview.

What is the eligibility criteria to apply for Senior Manager - IT Security Operations in Marsh McLennan in Gurgaon/Gurugram?

The candidate should have completed the required education and people who have 5 to 31 years are eligible to apply for this job. You can apply for more jobs in Gurgaon/Gurugram to get hired quickly.

Is there any specific skill required for this job?

The candidate should have sound communication skills and sound communication skills for this job.

Who can apply for this job?

Both Male and Female candidates can apply for this job.

Is it a work from home job?

No, it's not a work from home job and can't be done online. You can explore and apply for other work from home jobs in Gurgaon/Gurugram at apna.

Are there any charges or deposits required while applying for the role or while joining?

No work-related deposit needs to be made during your employment with the company.

How can I apply for this job?

Go to the apna app and apply for this job. Click on the apply button and call HR directly to schedule your interview.

What is the last date to apply?

The last date to apply for this job is . For more details, download apna app and find Full Time jobs in Gurgaon/Gurugram . Through apna, you can find jobs in 64 cities across India. Join NOW!

Senior Manager - IT Security Operations

Marsh McLennan

Senior Manager - IT Security Operations

Marsh McLennan

Gurgaon/Gurugram

Not disclosed

Work from Office

Full Time

Min. 5 years

Job Description

Senior Manager - IT Security Operations

Company:

Marsh

Description:

Overview / Role Scope

Ensure availability, reliability, and efficient operations of Marsh & McLennan Companies (MMC) global network and security infrastructure. This role provides holistic oversight across both network operations (traditional NOC) and security operations (SOC‑adjacent) covering switching, routing, network management, and security platforms across on‑prem and cloud environments (AWS, Azure, Oracle OCI). The position enforces security policies, reduces risk, supports incident response, and drives continuous operational improvement.

Work Schedule & On‑Call Coverage

Part of a single, global follow‑the‑sun operations model. Primary working hours cover EMEA time zones with a focus on UK business hours. The role participates in a rotated on‑call roster that includes weekend coverage; candidates should expect periodic out‑of‑hours response for incidents, maintenance windows, and urgent escalations. The team coordinates cross‑region handoffs to ensure 24/7 coverage.

Key Responsibilities

Operate and maintain network and security infrastructure (on‑prem and cloud) to ensure high availability and performance.
Perform Tier IIIV incident response and troubleshooting for network and security incidents; lead root cause analysis and remediation.
Manage change and configuration for firewall, proxy, WAF, and network device policies; perform policy optimization to reduce risk and improve operational efficiency.
Infrastructure management (capacity, patch/OS, monitoring/alerting, vulnerability management see details below).
Monitor security and network telemetry; tune detection, alerting, and network thresholds to reduce noise and increase actionability.
Participate in Cybersecurity Incident Response and coordinate remediation with cross‑functional teams, including Endpoint Security.
Lead or support security and network infrastructure projects, migrations, and platform consolidations (micro‑segmentation, zero‑trust network access, cloud edge/WAF).
Drive risk reduction through policy optimization and audit remediation in partnership with other security and business teams.
Produce runbooks, operational documentation, maintenance procedures, and perform knowledge transfer to engineering and operations teams.

Infrastructure management:

Capacity management
- Monitor resource utilization (CPU, memory, throughput, concurrent sessions, license usage) across security and network platforms.
- Forecast growth, identify bottlenecks, and implement scaling or tuning changes to maintain performance and availability.
- Maintain capacity plans and review with stakeholders to ensure headroom for peak loads and planned projects.
Patch & OS management
- Maintain and execute patching schedules for security appliances, network devices, and supporting infrastructure (OS/firmware/software).
- Validate and test patches/firmware in lab/staging, coordinate maintenance windows, and include rollback procedures.
- Track patch compliance, document exceptions, and work with vendors/engineering teams on mitigations for legacy systems.
Event monitoring & alerting
- Configure and maintain event collection, detection rules, and alerting thresholds across SIEM, network monitoring, and native platform logs.
- Tune signatures, correlation rules, and network thresholds to reduce false positives and ensure high‑fidelity alerts; implement automated workflows where appropriate.
- Establish escalation paths, perform initial triage, and drive actionable incident handling for both network and security alerts.
Vulnerability management (as part of infrastructure management)
- Integrate vulnerability scanning and assessment outputs into platform lifecycle planning and remediation workflows.
- Prioritize platform vulnerabilities based on exploitability and business impact; implement compensating controls or patching/upgrade plans.
- Coordinate with asset owners and patch management to validate remediation and maintain vulnerability status reporting for audits.

Network responsibilities:

Oversee switching, routing, and core network services as part of daily operations and incident response.
Monitor and manage network health (BGP/OSPF behaviours, VLANs, STP, QoS, interface errors), licensing, and firmware across switches, routers, and load balancers (e.g F5, Cloud native technologies).
Investigate and help support DDI (DNS, DHCP, IPAM) incidents/changes across the infrastructure (e.g. Infoblox).
Working knowledge of SD-WAN and software defined networking (SDN) technologies like Palo Alto Prisma SD-WAN, Juniper Apstra, Megaport.
Maintain and operate network management and telemetry tools (SNMP, NetFlow/sFlow, telemetry collectors).
Coordinate network maintenance windows, perform config backups, device code patching, manage device lifecycle (Cisco, Arista, Opengear), and support network change‑control processes.
Work with Network Engineering on design changes, capacity planning, and performance tuning to ensure operational readiness.

Collaborative responsibilities (work with other security teams)

Cybersecurity Incident Response (collaborative)
- Participate in incident response activities in close coordination with SOC/Threat Detection, Threat Intelligence, Forensics, Vulnerability Management, Application Security, Cloud Security, Endpoint Security (e.g., CrowdStrike), and GRC.
- Perform initial triage and containment, coordinate remediation actions with platform and engineering teams, manage communications and escalations, conduct post‑incident root cause analysis, update playbooks, and feed lessons learned back into detection tuning and preventive controls.
Security & Network Projects (cross‑team delivery)
- Lead or support infrastructure projects in collaboration with Architecture, Network and Platform Engineering, Application Security, Cloud teams (AWS, Azure, Oracle OCI), Endpoint Security, and third‑party vendors.
- Projects may include micro‑segmentation (Illumio), zero‑trust networking (Elisity), cloud edge/WAF (F5 Distributed Cloud / F5 XC), and endpoint protection (CrowdStrike).
Risk Reduction through Policy Optimization and Audit
- Drive risk reduction initiatives with policy owners, application and network teams, GRC, and internal/external auditors. Review and rationalize firewall/proxy/WAF and micro‑segmentation/network policies, coordinate remediation timelines for audit findings and vulnerabilities, document changes, and report risk metrics.

Standout candidate (differentiator)

Exceptional candidates will have a solid foundation in WAF policy administration and signature management, specifically hands‑on experience implementing, tuning, and maintaining policies in F5 ASM and F5 Distributed Cloud (F5 XC). Demonstrated experience creating/refining custom signatures, reducing false positives, integrating WAF telemetry with SIEM, and validating policy changes through staged rollouts will set candidates apart.

Core Technologies & Platforms (examples)

Next‑generation firewalls and cloud security (Palo Alto; AWS, Azure, Oracle OCI)
Proxies and secure web gateways (e.g., Zscaler)
Web application firewalls and distributed cloud WAFs (F5 ASM, F5 Distributed Cloud / F5 XC)
Micro‑segmentation and zero‑trust network controls (Illumio, Elisity)
Endpoint protection and EDR (CrowdStrike)
IDS/IPS, advanced malware prevention, data loss prevention
SIEM, network telemetry (NetFlow, sFlow), SNMP, packet capture and analysis tools

Required Qualifications

5+ years of network or security operations experience in large‑scale operations (NOC or SOC experience is applicable).
Hands‑on experience with one or more next‑generation firewalls, proxies, WAFs, IDS/IPS, EDR/endpoint platforms, micro‑segmentation or zero‑trust solutions, or cloud security platforms.
Working knowledge of switching and routing concepts and technologies (VLANs, STP, QoS, BGP/OSPF/routing basics) and experience with network monitoring/telemetry tools.
Strong understanding of TCP/IP and related protocols; experience collecting and analyzing HTTPS/TCP/IP captures using Wireshark, tcpdump, HTTPWatch, Fiddler, or similar tools.
Working knowledge of Unix/Linux command line.
Solid analytical, problem‑solving, and root cause analysis skills specific to network and security operations.
Excellent verbal, written, and collaborative communication skills; proactive, team‑oriented attitude.

Preferred Qualifications

Relevant vendor certifications (e.g., Palo Alto PCNSE, F5 ASM Specialist, Illumio, Elisity, CrowdStrike, CCNA/CCNP).
Experience operating in AWS, Azure, and Oracle OCI security and network environments.
SANS/GIAC or other industry security certifications.
Experience with enterprise vulnerability management and patching programs.

Marsh (NYSE: MRSH) is a global leader in risk, reinsurance and capital, people and investments, and management consulting, advising clients in 130 countries. With annual revenue of over $27 billion and more than 95,000 colleagues, Marsh helps build the confidence to thrive through the power of perspective. For more information, visit corporate.marsh.com, or follow us on LinkedIn and X.Marsh is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law.Marsh is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one “anchor day” per week on which their full team will be together in person.