Job Description

As a key member of the Information Technology Risk Management and Security (ITRM&S) organization, the successful candidate will be act as a member of the Information Protection team and be responsible for managing and remediating instances of sensitive data leakage, insider risk and other cyber security incidents related to information protection that occur on our global network and global computing assets. The successful candidate will also participate in other sensitive information protection activities. As part of these duties, the successful candidate will be expected to manage Information Protection (IP) incidents to the point of remediation and clearly communicate any remediation activities and status to colleagues and/or senior management.

Responsibilities:

• Investigate incidents generated from relevant information protection tools. Using log management tools, packet captures reports, data visualization, and pattern analysis

• Analyze, escalate, and assist in remediation of information security incidents related to data loss prevention

• Improve and challenge existing processes and procedures in a very agile and fast-moving information security environment

• Participation on maintenance of IP policies and rules and associated events

• Participation on engineering part of IP solution

The successful candidate will work with our Global Security Group, Legal, and other business units as appropriate based upon corporate policy to respond to IP incidents and take the appropriate response actions. The successful candidate will create, modify, and review various reports and dashboards from our various reporting tools. The successful candidate will also be responsible for analyzing IP related security incidents that are generated from other tools such as our Big Data platform. The successful candidate will maintain IP Policies/Rules and associated events which support compliance to our corporate policies. The successful candidate will also help maintain/troubleshoot issues with the IP security infrastructure. The successful candidate will also be an active participant in weekly IP management meetings reporting on security incidents that have occurred.

The IP security solutions that the successful candidate will be working on support our current and future state capabilities for achieving desired levels of information protection, confidentiality, integrity and availability of services. The successful candidate will be responsible for end-to-end problem and service management, and clear communication of ongoing problem status to colleagues and management. The successful candidate will make recommendations to strengthen the security posture of our computing environment as well as recommend process and technology improvements to ensure timely response to future IP security incidents.

The successful candidate will be required to maintain up-to-date data protection industry awareness and trends and be able to understand how emerging threats may potentially impact the organization. The role also requires active and ongoing collaboration with many other our organizations and departments acting in a consultative capacity promoting information security awareness and compliance to corporate policies.

Required Experience and Skills:

Excellent analytical and communication skills are essential for this role, as well as passion for problem solving, a desire to learn, and the ability to work in a team environment. Demonstrated skills working with various IT technologies and services. Proven record of successfully managing incidents to resolution, and the ability to trace a problem to root cause. The candidate must be able to adapt and rapidly learn new technologies and must have some background in an information security related discipline.

• DLP and other information protection tools experience

• Investigating security incidents, Tier-2 support

• Various general technical skills including knowledge of networking (i.e. TCP/IP) and security product experience

• Willingness to acquire in-depth knowledge of network and host security technologies and products

• Demonstrated ability to work in a team environment

• Knowledge of information security policies and best practices

• Strong written and verbal communication skills

Desired Experience and Skills:

• Prior experience as a data loss prevention analyst.

• Ability to build strong relationships with business and technology stakeholders, self-motivation, personal drive and high energy are highly valuable for this position

• Experience or familiarity with Data Loss Prevention solutions for network, endpoint and cloud solutions

• Experience or familiarity with content monitoring and user activity monitoring solutions

• Knowledge of current IT Data Protection landscape and upcoming trends in security

• Knowledge of other information security related products is a plus

• Information security industry certification and a legal background is a plus

Required Skills:

Cybersecurity, Information Security, Network Security

Preferred Skills:

Current Employees apply HERE

Current Contingent Workers apply HERE

Search Firm Representatives Please Read Carefully
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.

Employee Status:

Regular

Relocation:

No relocation

VISA Sponsorship:

Yes

Travel Requirements:

10%

Flexible Work Arrangements:

Hybrid

Shift:

Not Indicated

Valid Driving License:

No

Hazardous Material(s):

N/A

Job Posting End Date:

04/5/2026

*A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.