Job Description

Position

Senior Specialist, ITRMS Architecture

Department

IT Risk Management & Security

Job Description

We are seeking a highly skilled Security Architect with a strong background in designing resilient and highly available cloud-hybrid systems. In this role you will be responsible for working with business and technology architects and IT leaders to help drive technology optimization, align teams to overall Security and Compliance Strategy and drive technology and architecture blueprints re-use.

The ideal candidate would be self-driven and able to work with little supervision.

Key responsibilities:

• Design and Implementation: Designing robust and scalable cloud-hybrid systems that ensure high availability and resilience in a medium to large organization.
• Oversee PoCs and discovery efforts: Help initiating, driving or overseeing PoC and discovery efforts allowing the company to protect against emerging threats and address controls deficiencies
• Defining Security architecture principles, patterns and blueprints: Prepare reusable architectural artifacts in the form of design diagrams, IaC or infographics
• Strategic alignment: Collaborate with cross-functional teams to influence and define roadmaps and strategies, ensuring alignment with organizational strategy and company’s goals.
• Stakeholder Engagement: Build and maintain strong interpersonal relationships, leveraging exceptional networking and influencing skills to navigate cross-culturally with a diverse range of stakeholders, both internally and externally.
• Training & educate technical architects on security best practices and broker knowledge sharing within the Security Architecture community

Qualifications, Skills & Experience

Required Experience and qualification:

• Experience working in a large enterprise, driving outcomes by influencing various IT and business teams, business and technology architects, IT and divisional leaders.
• Experience working within a Scaled Agile Framework (SAFe), Product Model and Agile teams.
• Proven Expertise in Security Architecture and Threat Modeling: Demonstrated experience in designing and implementing security architectures, particularly within hybrid environments that integrate on-premises and cloud solutions. Ability to assess risks and develop strategies to mitigate threats effectively.
• Strong understanding of core IT Security disciplines: Knowledge of IAM, Network Security, Endpoint Security, Security Operations, Risk and compliance
• Strong Grasp of Architectural Principles and Technologies: Deep familiarity with modern architectural methodologies including serverless architectures, microservices, and the principles of DevSecOps. Ability to leverage these technologies to deliver innovative and effective security solutions that align with business goals.
• Analytical and Problem-Solving Skills: Exceptional analytical skills coupled with a strong aptitude for problem-solving. A proactive mindset focused on innovation and the continuous improvement of security practices.
• Effective Communication and Collaboration Skills: Excellent verbal and written communication abilities, allowing for effective collaboration with both technical teams and non-technical stakeholders. Capable of educating teams on complex security concepts in a clear and concise manner.

• In-Depth Understanding of Modern Security Paradigms: Comprehensive knowledge of contemporary security approaches, such as Zero Trust architecture, to ensure robust security in digital environments.
• Hands-On Experience with Cybersecurity Standards and Frameworks: Practical application of established cybersecurity standards and frameworks, including NIST Cybersecurity Framework (NIST CSF), Centre for Internet Security (CIS) Critical Security Controls, ISO 27000 series, and NIS2 Directive, to enhance organizational security posture.
• Training and certifications aligned with the job description
  • e.g. ISC2 CISSP certification
  • e.g. GIAC relevant certifications
  • e.g. ISACA CISM or CISA
  • e.g. CCSK or Cloud Architecture Certifications (AWS, Azure, GCP)

We offer:

• Competitive remuneration
• Position in a world leading global company
• Challenging career
• Professional growth based on performance
• Innovative working environment
• Wide range of benefits.

#HYDIT2025

Current Employees apply HERE

Current Contingent Workers apply HERE

Search Firm Representatives Please Read Carefully
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.

Employee Status:

Regular

Relocation:

VISA Sponsorship:

Travel Requirements:

Flexible Work Arrangements:

Hybrid

Shift:

Valid Driving License:

Hazardous Material(s):

Required Skills:

Emerging Technologies, Methods and Tools, Requirements Management, Software Development, Software Development Life Cycle (SDLC), Solution Architecture, Strategic Planning, System Designs, Technical Advice

Preferred Skills:

Job Posting End Date:

10/6/2025

*A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.