Key Activities
- Provide security oversight and operational assurance for customer-facing software and hardware solutions across development, deployment, and runtime.
- Define, assess, and validate security controls for commercial technology platforms (aligned to enterprise standards, regulations, and customer expectations).
- Lead vulnerability research, analysis, and operational response.
- Integrate security into architecture/design/development (secure-by-design, shift-left).
- Support product security: threat modeling, secure design reviews, penetration testing coordination, remediation validation.
- Provide security architecture guidance for virtualized, cloud-native, hybrid, and containerized environments.
- Oversee vulnerability management (scanning, prioritization, remediation tracking, risk acceptance).
- Collaborate with DevSecOps to automate security testing/control validation and continuous monitoring; embed security into CI/CD and release processes.
- Liaise with enterprise security, risk, and compliance; support customer assurance (questionnaires, audits, attestations) and incident response/root-cause analysis.
Education
- Bachelorβs degree in CS/Engineering/Information Security or related field.
- Advanced degree or relevant security certifications preferred.
Required Skills & Experience
- Strong vulnerability research/management and remediation validation; hands-on security engineering and product security.
- Security architecture knowledge for cloud/virtualized/containerized/hybrid; experience securing APIs, web apps, SaaS, and distributed systems.
- DevSecOps/CI-CD/security automation familiarity; knowledge of cryptography, IAM, and secure communications.
- 10+ years in cybersecurity/product security/security engineering; leadership influencing outcomes; work across engineering/product/cloud/business.
Preferred
- CISSP, CSSLP, GWAPT, OSCP (or equivalent).
- NIST, ISO 27001, OWASP, SDLC; AWS/Azure/GCP and infrastructure-as-code; automation to scale security controls.
Compensation/Benefits (as stated)
- Salary range: $156,900β$247,000; annual bonus and long-term incentive if applicable; comprehensive benefits including medical/dental/vision, 401(k), paid time off.
Application
- Apply at https://jobs.merck.com/us/en (deadline stated on posting).