• Merck Animal Health
  • Somerville , NJ
  • Information Technology
  • Full-Time
  • 138 Readington Rd


Loading some great jobs for you...




Description Merck & Co., Inc. Kenilworth, N.J., U.S.A. known as Merck in the United States and Canada, is a global health care leader with a diversified portfolio of prescription medicines, vaccines and animal health products. The difference between potential and achievement lies in the spark that fuels innovation and inventiveness; this is the space where Merck has codified its . Merck s success is backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare The Senior Specialist Information Risk Analyst position is responsible for ensuring risk management decisions are continuously informed by rapid changes in the threat landscape. These include Geo-political concerns, vulnerabilities, adversaries and their techniques, tactics and procedures. The position is responsible for assessing and mitigation of risk based on the Confidentiality, Integrity and Availability of Information and the technology assets that store this information. Primary Responsibilities:Working with stake holders across IT and the Merck business to assess and mitigate risk to Merck information assets.Ability to continuously evaluate and articulate inherent and residual risk of an asset based on threats, vulnerabilities, geo-political risks, compensating controls and other factors.Ability to recommend changes to defenses based on rapid changes in the threat landscape.Support of the Information Risk Management capability including using process automation to ensure technology assets is under continuous risk surveillance, taking appropriate action to ensure the cyber risk of Merck assets is within defined thresholds and risk tolerance.Producing Metrics & Reporting of cyber risks to stakeholders including executive leadership.Lead efforts in minimizing the likelihood and impact of a cyber incident through an effective Adaptive Risk Management approach. Working with stake holders across IT and the Merck business to assess and mitigate risk to Merck information assets. Ability to continuously evaluate and articulate inherent and residual risk of an asset based on threats, vulnerabilities, geo-political risks, compensating controls and other factors. Ability to recommend changes to defenses based on rapid changes in the threat landscape. Support of the Information Risk Management capability including using process automation to ensure technology assets is under continuous risk surveillance, taking appropriate action to ensure the cyber risk of Merck assets is within defined thresholds and risk tolerance. Producing Metrics & Reporting of cyber risks to stakeholders including executive leadership. Lead efforts in minimizing the likelihood and impact of a cyber incident through an effective Adaptive Risk Management approach. Qualifications Education Minimum Requirement: Bachelor s Degree Required Experience and Skills: At least 7 years of IT experience of which at least 3 years in Information Risk and Security. Experience performing information security risk assessments. Experience in incorporating Geo-political concerns, Threat adversaries and their techniques, tactics and procedures, vulnerabilities & compensating controls into computing risk of technology assets. Experience with assessing cyber risk across networks, operating systems, applications, databases, cloud service providers, third parties, and other Information System technologies. Expertise and hands-on experience with computer networking, databases, or software development. Experience with networking protocols, firewall port usage, network filters and experience assessing whether appropriate network access rights are granted without excess privileges. Experience in calculation of inherent and residual cyber-risk using standard frameworks and methodologies Excellent communication and interpersonal skills. Experience leading small projects Preferred Experience and Skills: One or more security & risk certifications-CISSP, CEH, CISA, CRISC, CCSP Experience with Risk Scoring mechanisms and methods. Strong knowledge of Cyber Security Frameworks including NIST-CSF. Experience managing IT products Experience working in a matrix environment with globally located teams. BA/BS in Engineering, Computer Science, Information Security, Information Systems or equivalent a plus Your role at Merck is integral to helping the world meet new breakthroughs that affect generations to come, and we re counting on your skills and inventiveness to help make meaningful contributions to global medical advancement. At Merck, we re inventing for life. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to
Associated topics: chief program officer, cpo, manage, manager, management, monitor, product manager, project manager, relationship manager, task

* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.

Launch your career - Upload your resume now!

Upload your resume

Loading some great jobs for you...