Job Information
Merck Cloud Security Engineer in Santa Fe, New Mexico
Job Description
Our Company Cloud Security Engineering is seeking an energetic, forward-thinking professional to join our team. The individual in this role will provide subject matter expertise in cloud security engineering fundamentals supporting multi-cloud adoption and cloud DevSecOps.
Overall Responsibilities:
Establish a collaborative governance structure around the use of new cloud features to establish an acceptable risk posture.
Define the requirements, best practices, and lead the collaborative development of cloud system/service architecture, design, and engineering.
Define strategy, governance, and drive best practices for protecting company data.
Be responsible for evaluating new solutions and developing the supporting elements required to incorporate new technologies in a safe and secure manner.
Produce architecture diagrams, blueprints, and solution narratives to bring solutions to reality with a DevSecOps mindset & culture.
Partner with platform and development teams to assess and close gaps in cloud security posture and data protection across the security disciplines.
Collaborate across IT and business organizations to facilitate the design, development, engineering, and deployment of security controls used to protect.
Ensure compliance with all requirements applied to cloud services and technology.
Daily Responsibilities:
Provide technical guidance and foster a collective understanding of data protection and security issues encountered in cloud infrastructure, applications, services, and for information traversing our eco-system.
Work closely with DevOps teams on Infrastructure as Code, Automation, and Orchestration.
Provide expert knowledge of cloud and data security architecture and consult with business and other technology teams to address complex needs.
Drive the collaborative development of the technology strategy, technology standards, roadmaps, and practices.
Collaborate with data analytics team to build security reference architectures and drive preventative security controls.
Work closely with the IT and business to prioritize and address emerging risks through the application of mitigating solutions.
Required Experience:
Minimum of 2 years of experience with Cybersecurity concepts, including encryption, configuration management, auditing, access control, database security and information protection.
Minimum of 1 year of experience with Cloud Amazon Web Services (AWS) or Microsoft Azure platforms & SaaS environments.
Experience in designing, implementing, and delivering security for cloud-native, distributed computing and architectural solutions with a Principle of “Secure by Design.”
Excellent knowledge of security architecture and engineering.
Experience in large scale enterprise Cloud projects from ideation to production.
Understanding of software/system delivery lifecycle and accompanying technologies.
Strong interpersonal, networking, influencing, and relationship-building skills and the ability to navigate cross-culturally with wide array of stakeholders, internally and externally.
Preferred Experience:
Experience with protection of both structured and unstructured data via the application of controls based on data classification
Cloud incident response and endpoint security solutions.
API security.
Certification in information security, application security, and/or cloud security.
Certification in AWS or Azure environments.
Experience with DevSecOps, including continuous integration (CI) and continuous delivery (CD).
Experience in Agile delivery methodologies.
Experience in Data Leakage Prevention
Proficiency in mobile security concepts
Minimum Education Requirement:
- Bachelor's Degree required.
#eligibleforerp
ITRMSCareers
NOTICE FOR INTERNAL APPLICANTS
In accordance with Managers' Policy - Job Posting and Employee Placement, all employees subject to this policy are required to have a minimum of twelve (12) months of service in current position prior to applying for open positions.
If you have been offered a separation benefits package, but have not yet reached your separation date and are offered a position within the salary and geographical parameters as set forth in the Summary Plan Description (SPD) of your separation package, then you are no longer eligible for your separation benefits package. To discuss in more detail, please contact your HRBP or Talent Acquisition Advisor.
Employees working in roles that the Company determines require routine collaboration with external stakeholders, such as customer-facing commercial, or research-based roles, will be expected to comply not only with Company policy but also with policies established by such external stakeholders (for example, a requirement to be vaccinated against COVID-19 in order to access a facility or meet with stakeholders). Please understand that, as permitted by applicable law, if you have not been vaccinated against COVID-19 and an essential function of your job is to call on external stakeholders who require vaccination to enter their premises or engage in face-to-face meetings, then your employment may pose an undue burden to business operations, in which case you may not be offered employment, or your employment could be terminated. Please also note that, where permitted by applicable law, the Company reserves the right to require COVID-19 vaccinations for positions, such as in Global Employee Health, where the Company determines in its discretion that the nature of the role presents an increased risk of disease transmission.
Current Employees apply HERE (https://wd5.myworkday.com/msd/d/task/1422$6687.htmld)
Current Contingent Workers apply HERE (https://wd5.myworkday.com/msd/d/task/1422$4020.htmld)
US and Puerto Rico Residents Only:
Our company is committed to inclusion, ensuring that candidates can engage in a hiring process that exhibits their true capabilities. Please click here (https://survey.sogosurvey.com/r/aCdfqL) if you need an accommodation during the application or hiring process.
We are an Equal Opportunity Employer, committed to fostering an inclusive and diverse workplace. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status, or other applicable legally protected characteristics. For more information about personal rights under the U.S. Equal Opportunity Employment laws, visit:
EEOC Know Your Rights (https://www.eeoc.gov/sites/default/files/2022-10/22-088_EEOC_KnowYourRights_10_20.pdf)
EEOC GINA Supplement
Pay Transparency Nondiscrimination (https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp_%20English_formattedESQA508c.pdf)
We are proud to be a company that embraces the value of bringing diverse, talented, and committed people together. The fastest way to breakthrough innovation is when diverse ideas come together in an inclusive environment. We encourage our colleagues to respectfully challenge one another’s thinking and approach problems collectively.
Learn more about your rights, including under California, Colorado and other US State Acts (https://www.msdprivacy.com/us/en/CCPA-notice/)
U.S. Hybrid Work Model
Effective September 5, 2023, employees in office-based positions in the U.S. will be working a Hybrid work consisting of three total days on-site per week, generally Tuesday, Wednesday and either Monday or Thursday, although the specific days may vary by site or organization, with Friday designated as a remote-working day, unless business critical tasks require an on-site presence. This Hybrid work model does not apply to, and daily in-person attendance is required for, field-based positions; facility-based, manufacturing-based, or research-based positions where the work to be performed is located at a Company site; positions covered by a collective-bargaining agreement (unless the agreement provides for hybrid work); or any other position for which the Company has determined the job requirements cannot be reasonably met working remotely. Please note, this Hybrid work model guidance also does not apply to roles that have been designated as “remote”.
The Company is required to provide a reasonable estimate of the salary range for this job in certain states and cities within the United States. Final determinations with respect to salary will take into account a number of factors, which may include, but not be limited to the primary work location and the chosen candidate’s relevant skills, experience, and education.
Expected US salary range:
$111,400.00 - $175,300.00
Available benefits include bonus eligibility, long term incentive if applicable, health care and other insurance benefits (for employee and family), retirement benefits, paid holidays, vacation, and sick days. A summary of benefits is listed here (https://www.benefitsatmerck.com/) .
Search Firm Representatives Please Read Carefully
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.
Employee Status:
Regular
Relocation:
No relocation
VISA Sponsorship:
Yes
Travel Requirements:
10%
Flexible Work Arrangements:
Remote
Shift:
Not Indicated
Valid Driving License:
No
Hazardous Material(s):
na
Job Posting End Date:
09/17/2024
*A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.
Job Posting End Date: 09/17/2024
A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.
Requisition ID: R311449