Director of Architecture IT Risk Management and Security - Rahway, United States - MSD

Description

Job Description

Our company is a global health care leader with a diversified portfolio of prescription medicines, vaccines, and consumer health products, as well as animal health products. Today, we are building a new kind of healthcare company – one that is ready to help create a healthier future for all of us. As the Director of Architecture at our Rahway NJ IT HUB, you will be part of inventing tomorrow within ITRMS. Our technology centers are where great people come together and deliver solutions that save and improve lives.

The Director of Architecture ITRMS is responsible for leading and executing hands-on technical activities related to security, risk management and compliance, specifically within the context of architecture. You will work closely with various stakeholders to design and implement cybersecurity solutions that align with the organization's strategic direction and comply with industry standards.

Key Responsibilities:

• Provide leadership to the team of solution architects. This includes setting clear goals, providing mentoring and guidance ensuring the team is working towards delivering effective and efficient solutions.
• Design and guide implementation of risk informed secure solutions aligned to the organization`s standards and best practices that enable the organization to identify, protect, detect, and recover from cyber threats. Collaborate with technical teams and solution architects to ensure that security controls are integrated into the architecture, ensuring the security of on-premises, cloud, OT, AI, and emerging technologies.
• Maintain architecture framework specific to advancing the cyber strategy of the organization. This framework will guide solution architects in implementing controls correctly and ensuring compliance with company standards.
• Driving the declaration of standard technologies and use of architecture patterns within the domain area
• Provide strategic recommendations and technical guidance on cybersecurity and information security matters to executives, business leaders, and solution architects. Leverage their expertise to advise on security best practices, ensuring that security objectives are properly addressed within solution designs.
• Collaborate with the (Chief Information Security Officer) CISO office, Enterprise Architecture, and other stakeholders to align security objectives with the strategic direction, compliance requirements, and security standards specifically within the context of architecture. Work with technical teams to ensure that security requirements are properly defined and integrated into solution designs.
• Perform threat modeling in design and analyze existing solutions to identify areas of improvement and recommend appropriate security controls.
• Identify opportunities to advance innovative cybersecurity capabilities and framework within ITRMS products. Stay up to date with industry trends, emerging technologies, evolving threat landscapes, and best practices in implementing appropriate countermeasures within solution designs.
• Drive the development of new standards and patterns specific to solution architecture, considering the unique challenges and requirements of on-premises, cloud, OT, AI, and emerging technology domains. Work with technical teams to ensure patterns are effectively implemented and enforced within solution designs.
• Bring industry trends, emerging technologies, evolving threat landscapes, and best practices in implementing appropriate countermeasures within solution architectures. Foster a culture of cybersecurity knowledge within the organization to proactively address security risks and vulnerabilities through continuous improvement measures.

Qualifications: Required:

• Bachelor's degree in computer science, Information Security, or a related field
• 10 years prior experience in Information Technology
• 5 years prior experience in Enterprise, Business, Information, Systems & Application or Solution Architectures
• Applied architecture experience of IT systems and business processes that support Security and Risk Management, applied against a regional and global enterprise footprint.
• Work across IT to drive capability-led investment planning decisions.
• Results-orientation with the proven ability and reputation for developing plans and implementing them successfully.
• Solid understanding of security and risk management tools: Splunk, zScaler, etc.

Preferred Qualifications:

• Prior experience in the Pharmaceutical Industry, including a strong understanding of modern Pharmaceutical Commercial Operations, Contracting & Pricing.
• In-depth knowledge of security frameworks, standards, and best practices (e.g., ISO 27001, NIST Cybersecurity Framework.
• Knowledge/certification in TOGAF or other EA methodology frameworks.
• Knowledge of business process re-engineering principles and processes.
• Strong understanding of application development methodologies.
• Drive investment decisions with a mindset to optimize total cost of ownership delivered business value.
• Familiarity with cloud security, network security, endpoint security, and encryption technologies.

NOTICEFORINTERNALAPPLICANTS

In accordance with Managers' Policy - Job Posting and Employee Placement, all employees subject to this policy are required to have a minimum of twelve (12) months of service in current position prior to applying for open positions.

If you have been offered a separation benefits package, but have not yet reached your separation date and are offered a position within the salary and geographical parameters as set forth in the Summary Plan Description (SPD) of your separation package, then you are no longer eligible for your separation benefits package. To discuss in more detail, please contact your HRBP or Talent Acquisition Advisor.

Employees working in roles that the Company determines require routine collaboration with external stakeholders, such as customer-facing commercial, or research-based roles, will be expected to comply not only with Company policy but also with policies established by such external stakeholders (for example, a requirement to be vaccinated against COVID-19 in order to access a facility or meet with stakeholders). Please understand that, as permitted by applicable law, if you have not been vaccinated against COVID-19 and an essential function of your job is to call on external stakeholders who require vaccination to enter their premises or engage in face-to-face meetings, then your employment may pose an undue burden to business operations, in which case you may not be offered employment, or your employment could be terminated. Please also note that, where permitted by applicable law, the Company reserves the right to require COVID-19 vaccinations for positions, such as in Global Employee Health, where the Company determines in its discretion that the nature of the role presents an increased risk of disease transmission.

Current Employees apply HERE

Current Contingent Workers apply HERE

US and Puerto Rico Residents Only:

Our company is committed to inclusion, ensuring that candidates can engage in a hiring process that exhibits their true capabilities. Please click here if you need an accommodation during the application or hiring process.

We are an Equal Opportunity Employer, committed to fostering an inclusive and diverse workplace. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status, or other applicable legally protected characteristics. For more information about personal rights under the U.S. Equal Opportunity Employment laws, visit:

EEOC Know Your Rights

EEOC GINA Supplement​

Pay Transparency Nondiscrimination

We are proud to be a company that embraces the value of bringing diverse, talented, and committed people together. The fastest way to breakthrough innovation is when diverse ideas come together in an inclusive environment. We encourage our colleagues to respectfully challenge one another's thinking and approach problems collectively.

Learn more about your rights, including under California, Colorado and other US State Acts

U.S. Hybrid Work Model

Effective September 5, 2023, employees in office-based positions in the U.S. will be working a Hybrid work consisting of three total days on-site per week, generally Tuesday, Wednesday and either Monday or Thursday, although the specific days may vary by site or organization, with Friday designated as a remote-working day, unless business critical tasks require an on-site presence. This Hybrid work model does not apply to, and daily in-person attendance is required for, field-based positions; facility-based, manufacturing-based, or research-based positions where the work to be performed is located at a Company site; positions covered by a collective-bargaining agreement (unless the agreement provides for hybrid work); or any other position for which the Company has determined the job requirements cannot be reasonably met working remotely. Please note, this Hybrid work model guidance also does not apply to roles that have been designated as "remote".

Under New York State, Colorado State, Washington State, and California State law, the Company is required to provide a reasonable estimate of the salary range for this job. Final determinations with respect to salary will take into account a number of factors, which may include, but not be limited to the primary work location and the chosen candidate's relevant skills, experience, and education.

Expected salary range:

Available benefits include bonus eligibility, health care and other insurance benefits (for employee and family), retirement benefits, paid holidays, vacation, and sick days. For Washington State Jobs, a summary of benefits is listed here.

Search Firm Representatives Please Read Carefully
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.

Employee Status:

Relocation:

VISA Sponsorship:

Travel Requirements:

Flexible Work Arrangements:

Shift:

Valid Driving License:

Hazardous Material(s):

Job Posting End Date:

*A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.

Job Posting End Date:05/20/2024

A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.

Requisition ID:R288440