Sr. Spclst , Cybersecurity Engineering Product Security
Apply NowCompany: Merck & Co, Inc
Location: Rahway, NJ 07065
Description:
Job Description
Required Experience and Skills:
Preferred Experience and Skills:
Education Minimum Requirement:
Bachelor's Degree is preferred. Concentration in one of the following fields is preferred:
Current Employees apply HERE
Current Contingent Workers apply HERE
US and Puerto Rico Residents Only:
Our company is committed to inclusion, ensuring that candidates can engage in a hiring process that exhibits their true capabilities. Please click here if you need an accommodation during the application or hiring process.
As an Equal Employment Opportunity Employer, we provide equal opportunities to all employees and applicants for employment and prohibit discrimination on the basis of race, color, age, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or other applicable legally protected characteristics. As a federal contractor, we comply with all affirmative action requirements for protected veterans and individuals with disabilities. For more information about personal rights under the U.S. Equal Opportunity Employment laws, visit:
EEOC Know Your Rights
EEOC GINA Supplement
We are proud to be a company that embraces the value of bringing together, talented, and committed people with diverse experiences, perspectives, skills and backgrounds. The fastest way to breakthrough innovation is when people with diverse ideas, broad experiences, backgrounds, and skills come together in an inclusive environment. We encourage our colleagues to respectfully challenge one another's thinking and approach problems collectively.
Learn more about your rights, including under California, Colorado and other US State Acts
U.S. Hybrid Work Model
Effective September 5, 2023, employees in office-based positions in the U.S. will be working a Hybrid work consisting of three total days on-site per week, Monday - Thursday, although the specific days may vary by site or organization, with Friday designated as a remote-working day, unless business critical tasks require an on-site presence.This Hybrid work model does not apply to, and daily in-person attendance is required for, field-based positions; facility-based, manufacturing-based, or research-based positions where the work to be performed is located at a Company site; positions covered by a collective-bargaining agreement (unless the agreement provides for hybrid work); or any other position for which the Company has determined the job requirements cannot be reasonably met working remotely. Please note, this Hybrid work model guidance also does not apply to roles that have been designated as "remote".
The Company is required to provide a reasonable estimate of the salary range for this job in certain states and cities within the United States. Final determinations with respect to salary will take into account a number of factors, which may include, but not be limited to the primary work location and the chosen candidate's relevant skills, experience, and education.
Expected US salary range:
$114,700.00 - $180,500.00
Available benefits include bonus eligibility, long term incentive if applicable, health care and other insurance benefits (for employee and family), retirement benefits, paid holidays, vacation, and sick days. A summary of benefits is listed here.
San Francisco Residents Only: We will consider qualified applicants with arrest and conviction records for employment in compliance with the San Francisco Fair Chance Ordinance
Los Angeles Residents Only: We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance
Search Firm Representatives Please Read Carefully
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.
Employee Status:
Regular
Relocation:
No relocation
VISA Sponsorship:
No
Travel Requirements:
10%
Flexible Work Arrangements:
Remote
Shift:
Not Indicated
Valid Driving License:
No
Hazardous Material(s):
n/a
Job Posting End Date:
04/30/2025
*A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.
Required Experience and Skills:
- Experience with one or more cloud and container platforms such as AWS, Azure, Kubernetes, and Tanzu/Cloud Foundry.
- Experience in secure software development (software/QA/DevOps engineer, etc.) or Information Security, with a strong desire to learn Application Security.
- Understanding of web browsers, network and web-related protocols (TCP/IP, HTTP/HTTPS, SSL/TLS, DNS, SSH, etc.), web services, and APIs.
- Familiarity with application security tools (SAST/DAST/OSS, Mobile, and API security testing, etc.).
- Familiarity with secure cloud and container concepts, associated security risks, and best practices
- Strong understanding and experience with infrastructure as code tools and platforms, such as Cloud Formation templates and Ansible.
- Understanding of various application models (client-server, desktop apps, mobile, etc.).
- Familiarity with the software development/delivery lifecycle and accompanying technologies.
- Basic understanding of general coding concepts and best practices, and the ability to read code (Python, Java, JavaScript, .NET, etc.).
- Strong interpersonal, networking, influencing, and relationship-building skills, with the ability to navigate cross-culturally with a wide array of stakeholders, internally and externally.
- Personal drive and passion for continuous growth and the advancement of Application Security best practices.
Preferred Experience and Skills:
- Understanding of OWASP Top 10 web application security risks (XSS, SQL Injection, etc.) and recommended mitigation strategies.
- Experience with Agile development processes and DevSecOps best practices.
- Standard industry certifications in Application Security, Information Security, Cloud, etc.
- Familiarity with Infrastructure as Code (IaC) and associated security practices.
- Experience with Continuous Integration/Continuous Deployment (CI/CD) pipelines and their security considerations.
- Incident and vulnerability management
- Experience with securely implementing and managing secrets and cryptography according to industry best practices.
Education Minimum Requirement:
Bachelor's Degree is preferred. Concentration in one of the following fields is preferred:
- Cyber security
- Computer Science
- Engineering
- Management/Computer Information Systems
Current Employees apply HERE
Current Contingent Workers apply HERE
US and Puerto Rico Residents Only:
Our company is committed to inclusion, ensuring that candidates can engage in a hiring process that exhibits their true capabilities. Please click here if you need an accommodation during the application or hiring process.
As an Equal Employment Opportunity Employer, we provide equal opportunities to all employees and applicants for employment and prohibit discrimination on the basis of race, color, age, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or other applicable legally protected characteristics. As a federal contractor, we comply with all affirmative action requirements for protected veterans and individuals with disabilities. For more information about personal rights under the U.S. Equal Opportunity Employment laws, visit:
EEOC Know Your Rights
EEOC GINA Supplement
We are proud to be a company that embraces the value of bringing together, talented, and committed people with diverse experiences, perspectives, skills and backgrounds. The fastest way to breakthrough innovation is when people with diverse ideas, broad experiences, backgrounds, and skills come together in an inclusive environment. We encourage our colleagues to respectfully challenge one another's thinking and approach problems collectively.
Learn more about your rights, including under California, Colorado and other US State Acts
U.S. Hybrid Work Model
Effective September 5, 2023, employees in office-based positions in the U.S. will be working a Hybrid work consisting of three total days on-site per week, Monday - Thursday, although the specific days may vary by site or organization, with Friday designated as a remote-working day, unless business critical tasks require an on-site presence.This Hybrid work model does not apply to, and daily in-person attendance is required for, field-based positions; facility-based, manufacturing-based, or research-based positions where the work to be performed is located at a Company site; positions covered by a collective-bargaining agreement (unless the agreement provides for hybrid work); or any other position for which the Company has determined the job requirements cannot be reasonably met working remotely. Please note, this Hybrid work model guidance also does not apply to roles that have been designated as "remote".
The Company is required to provide a reasonable estimate of the salary range for this job in certain states and cities within the United States. Final determinations with respect to salary will take into account a number of factors, which may include, but not be limited to the primary work location and the chosen candidate's relevant skills, experience, and education.
Expected US salary range:
$114,700.00 - $180,500.00
Available benefits include bonus eligibility, long term incentive if applicable, health care and other insurance benefits (for employee and family), retirement benefits, paid holidays, vacation, and sick days. A summary of benefits is listed here.
San Francisco Residents Only: We will consider qualified applicants with arrest and conviction records for employment in compliance with the San Francisco Fair Chance Ordinance
Los Angeles Residents Only: We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance
Search Firm Representatives Please Read Carefully
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.
Employee Status:
Regular
Relocation:
No relocation
VISA Sponsorship:
No
Travel Requirements:
10%
Flexible Work Arrangements:
Remote
Shift:
Not Indicated
Valid Driving License:
No
Hazardous Material(s):
n/a
Job Posting End Date:
04/30/2025
*A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.