Staff Engineer - Senior Software Development Lead

Company:

MMC Corporate

Description:

Staff Engineer

Marsh McLennan is seeking candidates for the following position.

What can you expect

Lead the application development within Marsh McLennan as a technical expert and mentor Drive security excellence through hands-on code reviews architecture guidance and technical leadership Create and maintain security-focused boilerplate code libraries and frameworks for development teams Serve as the technical bridge between security requirements and engineering implementation Shape the security posture of applications through deep technical involvement in the development lifecycle

What is in it for you

Marsh McLennan offers competitive employee benefits and a thriving culture A company with a strong Brand and strong results to match Employee Resource Groups which provide access to leaders relevant volunteer and mentoring opportunities and interactions with counterparts in industry groups and client organizations Competitive pay (salary and bonus potential) Full benefits package starting day one (medical dental vision STD/LTD life insurance RSP (Retirement Savings Plan) or TFSA (tax free savings account)) Tuition Reimbursement plan and participation in our Employee Stock Purchase Plan Entitled to vacation floating holidays time off to give back to your community sick days and provincial/national holidays (with early dismissal)

We will count on you to:

Technical Leadership & Code Quality

Conduct comprehensive security-focused pull request reviews across multiple applications and technology stacks

Design develop and maintain reusable security libraries frameworks and boilerplate code for development teams

Establish and enforce secure coding standards through technical guidance and code review processes

Create and maintain security-focused development tools linters and automated checks

Architecture & Design

Review and provide technical input on application architectures from a security perspective

Participate in design reviews and technical discussions to ensure security best practices are embedded from the ground up

Perform threat modeling and security architecture assessments for new and existing applications

Collaborate with engineering teams to design secure scalable solutions that meet business requirements

Security Champion Leadership

Serve as the senior technical member within the Security Champion community across MMC

Mentor and guide other security champions providing technical expertise and best practice guidance

Lead technical discussions regarding proposed changes to Application Security Standards and guidelines

Act as resident security expert and technical consultant across multiple application portfolios

Development & Implementation

Actively contribute to secure application development through hands-on coding and technical implementation

Integrate security controls and features into applications (RBAC authentication authorization encryption etc.)

Develop and maintain security testing frameworks and automated security validation tools

Contribute to the design and implementation of security infrastructure and deployment pipelines

Standards & Process

Establish and maintain technical security standards guidelines and best practices for development teams

Provide technical guidance on vulnerability assessment triaging and remediation approaches

Review and validate security incident remediation including secrets management and disposal

Ensure alignment with industry standards (OWASP Top 10 SANS Top 25 CWE) and internal security policies

Collaboration & Communication

Work closely with development teams product owners and architects to integrate security seamlessly into the development process

Serve as technical liaison between development teams and global information security

Provide technical training and knowledge sharing sessions on secure development practices

Communicate complex security concepts clearly to both technical and non-technical stakeholders

What you need to have:

Technical Expertise

Bachelors degree in Computer Science Engineering or equivalent technical experience

7 years of software development experience with strong engineering fundamentals

Expert-level proficiency in multiple programming languages (JavaScript/TypeScript Python Java C# etc.)

Deep understanding of modern application architectures microservices and cloud platforms (Azure AWS)

Extensive experience with CI/CD pipelines DevOps practices and infrastructure as code

Advanced knowledge of secure coding practices common vulnerabilities and security testing methodologies

Security Specialization

Advanced expertise in application security principles practices and industry standards

Experience with security testing tools (SAST DAST IAST dependency scanning)

Deep understanding of authentication authorization cryptography and secure communication protocols

Knowledge of threat modeling methodologies and security architecture patterns

Experience with security frameworks and compliance requirements (SOC 2 ISO 27001 NYDFS etc.)

Leadership & Communication

Proven track record of leading technical initiatives and mentoring development teams

Excellent communication skills with ability to influence and educate technical and non-technical audiences

Experience working in distributed cross-functional teams across multiple time zones

Strong problem-solving skills with ability to balance security requirements with business needs

What makes you stand out:

Technical Excellence

Demonstrated ability to architect and implement enterprise-scale security solutions

Experience building and maintaining security-focused development tools and frameworks

Deep expertise in multiple technology stacks and ability to quickly adapt to new technologies

Track record of successfully implementing security controls in complex distributed systems

Leadership & Impact

Experience leading security transformation initiatives within large organizations

Proven ability to influence engineering culture and drive adoption of security best practices

Experience with site reliability engineering (SRE) practices and security operations

Innovation & Continuous Learning

Active participation in security communities conferences and open-source projects

Proactive approach to staying current with emerging security threats and technologies

Experience with AI/ML security considerations and secure integration of LLM technologies

Demonstrated ability to translate business requirements into technical security solutions

Marsh McLennan (NYSE: MMC) is a global leader in risk strategy and people advising clients in 130 countries across four businesses: Marsh Guy Carpenter Mercer and Oliver Wyman. With annual revenue of $24 billion and more than 90000 colleagues Marsh McLennan helps build the confidence to thrive through the power of perspective. For more information visit or follow on LinkedIn and X.

Marsh McLennan is committed to embracing a diverse inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age background caste disability ethnic origin family duties gender orientation or expression gender reassignment marital status nationality parental status personal or social status political affiliation race religion and beliefs sex/gender sexual orientation or expression skin color or any other characteristic protected by applicable law.

Marsh McLennan is committed to hybrid work which includes the flexibility of working remotely and the collaboration connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one anchor day per week on which their full team will be together in person.