Job Description

Are you passionate about security engineering and looking to make a significant impact in a leading biopharmaceutical company?
Join our company as a Sr. Specialist Engineer and play a key role in designing, implementing, and optimizing our next-generation security telemetry and analytics platforms.

You will drive complex engineering initiatives and collaborate with cross-functional teams to deliver high-impact security outcomes.
If you have hands-on technical depth and solution ownership, this is the perfect opportunity for you.

Responsibilities:

• Design and optimize enterprise-scale Sentinel SIEM/analytics solutions.

• Architect and manage ADX clusters for scalable, cost-optimized query and hunting workloads.

• Build and tune Cribl pipelines (Edge & Stream) for telemetry routing, enrichment, and normalization.

• Integrate across the Azure stack (Logic Apps, Event Hub, Functions, Key Vault, etc.) for automation and resilience.

• Design and engineer ingestion pipelines from multiple log sources into Sentinel/ADX.

• Develop and optimize KQL queries, detection rules, dashboards, and workbooks.

• Ensure telemetry pipelines are reliable, scalable, and compliant with enterprise logging standards.

• Drive performance benchmarking and cost governance for large-scale data ingestion.

• Act as a technical SME and advisor for cross-functional security and infrastructure teams.

• Mentor and support Specialist-level engineers to uplift team skills in Sentinel, ADX, and Cribl.

• Partner with incident response, threat hunting, and cloud engineering teams to translate requirements into scalable solutions.

Qualifications:

Required

• 6–10+ years of IT/security engineering experience, with 3–5+ years focused on Microsoft Sentinel & Azure security stack.

• Proven expertise in ADX schema design, query optimization, and capacity planning.

• Hands-on experience with Cribl (Stream, Edge) for enterprise-scale log routing and transformation.

• Strong proficiency in KQL, Azure Logic Apps, and data ingestion pipelines.

• Deep understanding of SIEM architectures, SOAR automation, and cloud-native security controls.

Preferred

• Experience with ServiceNow SIR or equivalent case management integrations.

• Familiarity with MITRE ATT&CK mapping for detection engineering.

• Scripting skills (PowerShell, Python, Bash) for automation.

• Strong communication skills to influence technical and non-technical stakeholders.

Required Skills:

Certificate Services, Cloud Security, Cybersecurity, Cybersecurity Analytics, Cybersecurity Operations, Incident Response, Information Security, Microsoft Azure Sentinel, Network Segmentation, Operational Technology (OT) Security, Security Analytics, System Designs, Technical Advice

Preferred Skills:

Current Employees apply HERE

Current Contingent Workers apply HERE

Search Firm Representatives Please Read Carefully
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.

Employee Status:

Regular

Relocation:

VISA Sponsorship:

Travel Requirements:

Flexible Work Arrangements:

Hybrid

Shift:

Valid Driving License:

Hazardous Material(s):

Job Posting End Date:

01/1/2026

*A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.