Director, Application Security and Software Assurance Job

Employer
Merck
Location
Austin, TX, US
Posted
October 12 2017
Discipline
Other
Organization Type
Pharma
Requisition ID: COM000553


Merck & Co., Inc. Kenilworth, N.J., U.S.A. known as Merck in the United States and Canada, is a global health care leader with a diversified portfolio of prescription medicines, vaccines and animal health products. The difference between potential and achievement lies in the spark that fuels innovation and inventiveness; this is the space where Merck has codified its 125-year legacy. Merck’s success is backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare.
 
Merck’s Information Technology organization partners with colleagues across the business to help serve our patients and customers around the world. Ours is a high energy team of dynamic, innovative individuals dedicated to advancing Merck’s contribution to global medical innovation by leveraging information and technology to efficiently advance the business by driving revenue and productivity.

How will you invent the future?

As a Director, Application Security and Software Assurance at Merck’s Austin IT HUB, you will be part of inventing tomorrow. Our Innovative centers are where great people come together and deliver solutions that save and improve lives.
 
Accountable to IT Risk Management and Security (ITRMS) leadership team; IT Planning and Innovation; and IT Executive stakeholders; to ensure secure applications are developed, deployed and sustained within the enterprise and into the external healthcare ecosystem. Ensure a practice and culture of secure application development is established via a secure SDLC and quality management system. Create a center of excellence team to provide ongoing support for application security quality development and response to incidents in the external ecosystem. Drive a focused alignment of capabilities that deliver strategic outcomes which enhance the maturity of Merck’s IT Cybersecurity and Compliance posture. 

  • Lead the global strategic design and implementation of secure design practices and implementation of application security controls 

  • Partner with the IT Compliance team to implement & govern application security controls in SDLC. 

  • Serve as an authority on secure application development and technical architecture. 

  • Develop a team that mentors developers and establishes champions for Application Security by Design 

  • Collaborate with cross divisional project teams to ensure appropriate security controls and practices are adopted for the full application lifecycle prior to deployment. 

  • Develop and lead training/awareness programs to enhance the application security skills and culture of the company development community 

  • Publish application security best practices, service offerings and associated artifacts and position papers to the Merck community. 

  • Maintain a high level of current state awareness, knowledge and understanding of internal and industry practices relative to the development of secure applications and Cyber Security requirement for Medical Devices 

  • Actively participate and influence government and industry forums in the development of standards, services and products. 

  • Lead the activities of designated professional employees and external resources in the development of application security and software assurance strategies, roadmaps, solutions, services and tools. 

  • Prepare and deliver KPIs for all levels ranging from developers to executive management for tracking progress and successfully driving change. 

  • Lead and influence a global team responsible for all of the above activities 
Qualifications

Education Minimum Requirement:

  • BS in Computer Science or Engineering or equivalent.

  • MS is preferred.

Required Experience and Skills:



  • Minimum 10 years of experience in a progressive IT organization with 5 years in an application or systems development role that included Information Security and/or Risk Management experience

  • Direct leadership of a global team that designed and implemented a secure design practice with application security controls aligned with SDLC

Your role at Merck is integral to helping the world meet new breakthroughs that affect generations to come, and we’re counting on your skills and inventiveness to help make meaningful contributions to global medical advancement. At Merck, we’re inventing for life. 
 
If you need an accommodation for the application process please email us at staffingaadar@merck.com.  
Search Firm Representatives Please Read Carefully: 
Merck & Co., Inc. is not accepting unsolicited assistance from search firms for this employment opportunity.  Please, no phone calls or emails.  All resumes submitted by search firms to any employee at Merck via email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of Merck.  No fee will be paid in the event the candidate is hired by Merck as a result of the referral or through other means.
 

Visa sponsorship is not available for this position.
 
For more information about personal rights under Equal Employment Opportunity, visit:
 
            EEOC Poster
            EEOC GINA Supplement

Job: Compliance & Risk Management
Other Locations:
Employee Status: Regular
Travel: Yes, 20 % of the Time
Number of Openings:
Shift (if applicable):
Hazardous Materials:
Company Trade Name: Merck

More jobs like this