Job Description

The Position

We are an innovative, global healthcare leader committed to improving health and well-being in 140 countries around the world. Our product categories include heart and respiratory health, diabetes, infectious diseases and women's health. We continue to focus our research on conditions that affect millions of people around the world - diseases like Alzheimer's, Diabetes and Cancer - while further expanding our strengths in areas such as vaccines and biologics. We aspire to be the best healthcare company in the world and are dedicated to providing leading innovations and solutions for tomorrow.

Increased risks in both the information security and the regulated areas have resulted in need for security and compliance experts to be fully embedded within the IT organization. Also, emerging technologies like cloud, mobility and data analytics require strong IT Risk and Compliance early involvement.

To help meet these emerging challenges we are seeking an energetic, forward-thinking Senior Cybersecurity Incident Response Analyst.

What will you do?

• Analyze, investigate and respond to identified cyber security incidents.
• Provide guidance to junior colleagues with relation to security and incident handling practices.
• Actively manage, drive and provide recommendations on remediation efforts.
• Provide investigation findings for cyber events to the relevant cyber security assurance functions in order to help improve information security posture.
• Respond to high-priority requests for information/intelligence from senior stakeholders.
• Validate and maintain incident response plan, processes and work instructions to unsure readiness with relation to evolving threats.
• Analyze the potential impact of new threats and communicates risks to relevant cyber security assurance functions.
• Build strong relationships with business and technology stakeholders.
• Contribute pro providing metrics, insights and reports to leadership.
• Effectively represent the team and communicate with all levels of organization including senior management and business stakeholders.
• Identify and develop workflow automation to lower response time and eliminate lengthy procedures in the incident management process.
• Perform additional analysis of escalations and conduct case review.
• Develop specific expertise, to discern patterns of complex threat actor behavior, and to communicate an understanding of current and developing cyber threats
• Provide expert analysis on strategic threats, actors, Advanced Persistent Threat groups, security incidents, vulnerabilities and other security topics.

Qualifications, Skills & Experience Required

• Minimum of 5 years of experience in IT security domain
• Intimate knowledge of incident response best practices, the Cyber Kill Chain, MITRE ATT&CK Framework, Diamond Model of Intrusion Analysis, or other relevant network defense and intelligence frameworks
• Strong skills with security technologies, such as SIEM, EDR, network and cloud security tools
• Understanding of cyber security standards, laws and regulations, such as GXP, NIS2 and GDPR
• Ability to find solutions independently as well as collaborate and share meaningful information within a team
• Demonstrated experience working as part of global teams in a fast-paced complex environment
• Excellent verbal and written communications skills. Ability to articulate findings, issues, requests and solutions effectively
• Previous experience in a role responsible for daily operations
• Advanced knowledge in one or more cybersecurity areas such as cloud Security, OT Security, offensive security, malware analysis, digital forensics, vulnerability management, network traffic analysis, security engineering, cyber threat intelligence, threat hunting, etc.

Nice to have

• Working knowledge of software development lifecycle, asset management, agile methodology, network administration, etc.
• IT Security certifications as CySA+, CISSP, SANS/GIAC, CEH are highly desirable
• Proven experience in decision-making situations, with a proven ability to weigh the relative costs and benefits of potential actions and identifying the most appropriate plan
• Understanding business needs and commitment to delivering high-quality, prompt, and efficient service to stakeholders

What we offer

• Exciting work in a great team, global projects, international environment
• Opportunity to learn and grow professionally within the company globally
• Hybrid working model, flexible role pattern (e.g., even 80% full-time is possible in justified cases)
• Pension and health insurance contributions
• Internal reward system plus referral programme
• 5 weeks annual leave, 5 sick days, 15 days of certified sick leave paid above statutory requirements annually, 40 paid hours annually for volunteering activities, 12 weeks of parental contribution
• Cafeteria for tax free benefits according to your choice (meal vouchers, Lítačka, sport, culture, health, travel, etc.), Multisport Card
• Vodafone, Raiffeisen Bank, Foodora, and Mall.cz discount programmes
• Up-to-date laptop and iPhone
• Parking in the garage, showers, refreshments, massage chairs, library, music corner
• Competitive salary, incentive pay, and many more

Ready to take up the challenge? Apply now!
Know anybody who might be interested? Refer this job!

Current Employees apply HERE

Current Contingent Workers apply HERE

Search Firm Representatives Please Read Carefully
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.

Employee Status:

Regular

Relocation:

VISA Sponsorship:

Travel Requirements:

Flexible Work Arrangements:

Hybrid

Shift:

Valid Driving License:

Hazardous Material(s):

Required Skills:

Application Infrastructure, Application Infrastructure, Change Management, Cloud Security, Computer Science, Cyber Kill Chain, Cybersecurity, Cyber Security Standards, Cyber Threat Intelligence, Digital Forensics, Emerging Technologies, Global Team Collaboration, Governance Development, Identity Access Management (IAM), Incident Management, Incident Response, Incident Response Planning, Infectious Disease, Influence, Information Security, IT Change Management, IT Infrastructure Management, IT Project Lifecycle, Motivation Management, Network Systems {+ 5 more}

Preferred Skills:

Job Posting End Date:

06/23/2025

*A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.