IT Risk Management & Security Risk Liaison

Austin, TX, US
March 23 2018
Organization Type
Requisition ID: COM000627

Merck & Co., Inc. Kenilworth, N.J., U.S.A. known as Merck in the United States and Canada, is a global health care leader with a diversified portfolio of prescription medicines, vaccines and animal health products. The difference between potential and achievement lies in the spark that fuels innovation and inventiveness; this is the space where Merck has codified its 125-year legacy. Merck’s success is backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare.


Merck’s Information Technology organization partners with colleagues across the business to help serve our patients and customers around the world. Ours is a high energy team of dynamic, innovative individuals dedicated to advancing Merck’s contribution to global medical innovation by leveraging information and technology to efficiently advance the business by driving revenue and productivity.


How will you invent the future?


As an IT Risk Management & Security Risk Liaison at Merck’s Austin IT HUB, you will be part of inventing tomorrow.  Our Innovative centers are where great people come together and deliver solutions that save and improve lives. The IT Risk Liaison is responsible for analyzing risk and verifying & validating software and business effectiveness to ensure processes and people are compliant with internal policies and standards and external regulations and applicable laws. The position requires strong compliance & risk management skills as well as excellent communication and collaboration skills. The analyst will plan and execute risk-based strategies and initiatives for the goal of improving Merck’s risk and compliance posture and reducing Merck’s compliance & cyber security risk.
The IT Risk Liaison will execute work in alignment with Merck business & IT goals and initiatives:
  • Serve as an ITRMS liaison resource for Global Human Health to respond to questions and requests for assistance and guidance and assess compliance, quality and cyber security risk within the division and recommend ideas to mitigate and reduce risks, while improving compliance & quality management.
  • Track compliance and cyber security controls are implemented on Merck’s most critical applications.
  • Assist in developing standards, guidelines, presentations, communications, and implement process improvements to ensure we are operating with the utmost quality.
  • Report regular metrics, status reports and presentations on the overall health and quality of the risk & compliance initiatives.
  • Assist with tracking GxP/HAR Inspection Readiness audits and provide necessary FDA support.
  • Support SOX and SDLC assessments, including detailed documentation reviews and interviewing   

Austin IT Hub



  • A Bachelor's degree is required.
  • A minimum of 3 years IT & systems development life cycle experience.
  • A detailed understanding of IT risk & compliance.
  • An understanding of GxP Inspection Readiness audits and validating regulatory compliance and quality standards with evidentiary documentation – reports & metrics/measurements.
  • An understanding of external regulations and applicable laws, such as, GxP/HAR – Part 11, PDMA; Privacy, Safe Harbor, HIPAA, Corporate Integrity Agreement, Sarbanes Oxley, State Marketing laws, etc.
  • Experience implementing process improvements and standard operating procedures.   
  • Excellent leadership, communication, and team collaboration skills.
  • Excellent project management, risk management & compliance management skills.
  • Demonstrated ability to generate detailed risk & compliance metric reports.
  • Excellent Excel, Access, PowerPoint & Remedy or comparable CMDB skills & experience.
  •  Preferred:
  • Experience working on or leading projects and executing on initiatives.
  • Understanding of Pharma business or Merck’s business. 
  • Demonstrated experience in a cyber security, risk or compliance role.
  • Demonstrated experience monitoring systems against policies, regulations, laws, and standards.
  • An in-depth understanding of the Systems Development Life Cycle standards, in particular Risk Management and Information Risk Management Security standards.
  • A demonstrated ability of interpreting internal compliance policies and external compliance regulations, in particular, 21CFR, Part 11 & PDMA, Sox & Privacy.


    Your role at Merck is integral to helping the world meet new breakthroughs that affect generations to come, and we’re counting on your skills and inventiveness to help make meaningful contributions to global medical advancement. At Merck, we’re inventing for life. 


    If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to


    Search Firm Representatives Please Read Carefully: 

    Merck & Co., Inc. is not accepting unsolicited assistance from search firms for this employment opportunity.  Please, no phone calls or emails.  All resumes submitted by search firms to any employee at Merck via email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of Merck.  No fee will be paid in the event the candidate is hired by Merck as a result of the referral or through other means.


    Visa sponsorship is not available for this position.


    For more information about personal rights under Equal Employment Opportunity, visit:


                EEOC Poster

                EEOC GINA Supplement 

    Job: Compliance & Risk Management
    Other Locations:
    Employee Status: Regular
    Number of Openings:
    Shift (if applicable):
    Hazardous Materials:
    Company Trade Name: Merck

    Similar jobs

    More searches like this

    Similar jobs