Merck logo

Veeva Platform Risk Management & Compliance Lead (Associate Director)

Merck
July 01, 2026
Remote friendly (Rahway, NJ)
United States
IT
Key Responsibilities:
- Establish and operate an enterprise Veeva platform risk management framework covering cyber security, resiliency, supplier, and operational risks (IT Business Continuity, Disaster Recovery, Platform Compliance, Audit Readiness).
- Create and maintain a single enterprise risk baseline across all Veeva vaults and divisions.
- Lead cyber resiliency assurance, including deep multi-layer reviews of Veeva controls (SaaS, PaaS, IaaS where applicable).
- Coordinate platform risk assessments with ITRMS, MCAAS, QA, GSG, GPO, Architecture, and divisional teams.
- Identify, assess, and prioritize risks; define remediation or risk-acceptance paths.
- Track and report remediation progress and residual risk via enterprise governance.
- Establish continuous risk governance (monitoring and cadence-based reporting).
- Partner with Platform Governance, Architecture, and FinOps for risk-informed prioritization and investment decisions.
- Coordinate Joint Cyber Incident Response (JCIR).
- Support audit/inspection readiness with traceability, transparency, and objective evidence.

Minimum Requirements:
- Bachelorโ€™s degree in Computer Science, Engineering, Information Systems, or equivalent.
- 8+ years in enterprise risk management, cyber security assurance, technology risk, or IT governance.
- Preferred: Masterโ€™s degree.
- Experience in regulated environments.
- Experience leading enterprise-level, not just project-level, risk assessments.
- Matrix experience across security, audit, quality, and risk.
- Ability to communicate complex risk to senior leadership.

Skills & Capabilities (required):
Enterprise risk/cyber resiliency assurance; risk-based assessment/prioritization; audit/regulatory readiness; stakeholder coordination; executive risk communication.

Required Skills (selected keywords):
Enterprise Risk Management (ERM), Information Security, IT Risk Management/Governance/Assessments/Response & Reporting, Continuous Monitoring, Cyber Resilience, Business Continuity, Disaster Recovery Planning, Knowledge of regulations/frameworks, Veeva Vault.

Apply:
- Submit via https://jobs.merck.com/us/en (deadline stated on the posting).