Director, Security Engineering

Employer
Merck
Location
Branchburg, NJ, US
Posted
February 16 2018
Organization Type
Pharma
Requisition ID: COM000598

Merck & Co., Inc. Kenilworth, N.J., U.S.A. known as Merck in the United States and Canada, is a global health care leader with a diversified portfolio of prescription medicines, vaccines and animal health products. The difference between potential and achievement lies in the spark that fuels innovation and inventiveness; this is the space where Merck has codified its legacy for over a century. Merck’s success is backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare.

Merck’s Information Technology organization partners with colleagues across the business to help serve our patients and customers around the world. Ours is a high energy team of dynamic, innovative individuals dedicated to advancing Merck’s contribution to global medical innovation by leveraging information and technology to efficiently advance the business by driving revenue and productivity.  

 

Reporting directly to the Executive Director of Systems Engineering, IT Risk Management & Security, the Director of Information Security Engineering is responsible for leading a team tasked with ensuring the secure development of all applications and infrastructure at Merck. The position is also responsible for designing, developing, and engineering the security tools used to protect, detect, and respond to a wide array of information risks. The position will be part of the Information Technology Risk Management & Security (ITRMS) Extended Leadership Team as well as become the lead for the Data and System Protection Platform, and will work closely with the Business Information Risk Liaisons and the rest of the Information Technology organization to prioritize and address emerging risks. The person must be able to relate security capabilities to business and IT strategies.

Key areas of focus include:


Leadership:


This is a senior leadership role within the IT organization and will be responsible for helping to set and direct the data and system protection security strategy across the company. The leader must be an expert in the appropriate application and use of security processes and technologies. Must be a team player capable of influencing others. Must be capable of rapid and disciplined decision-making. Will manage a team of 15-25 security engineers in the US and internationally, and oversee a significant capital and expense budget.

Enterprise Application Security Engineering:


Oversee and direct the design, development, and deployment of security controls to protect Merck's critical applications and information while ensuring compliance with Merck’s corporate security policies and regulatory/legal requirements. Coordinate with other IT and Business organizations in collaboration with the ITRMS Information Risk Liaisons, Merck’s Privacy Office, HR, and Global Security to understand the risk appetite of the organization. Responsible for overseeing the development and integration of application security requirements into Merck's SDLC to ensure appropriate protection throughout the lifetime of the application.

Enterprise Infrastructure Security Engineering:


Work closely with the Global Technology Operations organization and ITRMS Information Risk Liaisons to ensure security controls are implemented into global infrastructure including cloud services, mobility solutions, unified communications, next generation networks, email/messaging systems, and directory services and that these services are protected from data loss or disruption. Direct and lead the team to design, engineer and deploy Infrastructure security controls. Collaborate with vendors, partners and standards setting bodies to define and communicate security requirements. Collaborate with IT Infrastructure leaders to ensure security technologies are properly configured and Integrated into the infrastructure. Provide detailed direction and designs for ensuring security controls operating across the enterprise (end to end) are properly deployed and producing data to support the risk management function.

Security Tools & Technologies:


Oversee the selection, development and deployment of security controls that support application security engineering and infrastructure security engineering. Some current areas of focus include encryption, certificate and key management capabilities, application whitelisting, data loss prevention and removable media protection, network security, cloud security, next generation malware detection and remediation.


The role requires a close partnership with the ITRMS Strategy and Planning functions to determine, prioritize and secure funding for the most appropriate security technologies to be deployed based on current risk and corporate strategy. Additionally, the security engineering team is responsible for assisting in the resolution of complex problems involving the security controls owned by ITRMS.

 

This position can be located in: Branchburg, NJ; West Point, PA; Rahway, NJ; Prague, CZ

Qualifications

Education:

  • Bachelor’s Degree with preference in computer science, electrical engineering, or other technical discipline.
  • Master's Degree Desired.
Required:

  • Minimum of 10 years experience in a technology field.
  • Minimum of 7 years of management and financial oversight responsibility.
  • Superior collaboration skills and communications skills.
  • Ability to collaborate well in a matrix environment, ‘enterprise leader’
  • Significant experience in leading global cross-functional project teams with limited direct line responsibility and exceptional project management skills
Preferred:

  • Leadership role in an information security function and certifications or experience on specific security technologies and capabilities used at Merck.
  • Previous experience in pharmaceutical company or other highly regulated environment is a major plus.
  • Technology roadmap development and implementation.
  • Prior experience with network engineering and network security technologies and processes.
  • Security technical certification(s).
Your role at Merck is integral to helping the world meet new breakthroughs that affect generations to come, and we’re counting on your skills and inventiveness to help make meaningful contributions to global medical advancement. At Merck, we’re inventing for life. 

 

If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to staffingaadar@merck.com.

  

Search Firm Representatives Please Read Carefully: 

Merck & Co., Inc. is not accepting unsolicited assistance from search firms for this employment opportunity.  Please, no phone calls or emails.  All resumes submitted by search firms to any employee at Merck via email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of Merck.  No fee will be paid in the event the candidate is hired by Merck as a result of the referral or through other means.

 

Visa sponsorship is not available for this position.

 

For more information about personal rights under Equal Employment Opportunity, visit:

 

            EEOC Poster

            EEOC GINA Supplement 



Job: Compliance & Risk Management
Other Locations:
Employee Status: Regular
Travel: Yes, 5 % of the Time
Number of Openings:
Shift (if applicable):
Hazardous Materials:
Company Trade Name: Merck

Similar jobs

Similar jobs