Adresse
Form der Arbeit- Careers
- Jobs
Posted 29 Nov 2023
Darmstadt, Hessen - Germany
Req Id 270083
ShareIcons revealed to the leftApply NowWork Your Magic with us!
Ready to explore, break barriers, and discover more? We know you’ve got big plans – so do we! Our colleagues across the globe love innovating with science and technology to enrich people’s lives with our solutions in Healthcare, Life Science, and Electronics. Together, we dream big and are passionate about caring for our rich mix of people, customers, patients, and planet. That's why we are always looking for curious minds that see themselves imagining the unimaginable with us.
This role does not offer sponsorship for work authorization. External applicants must be eligible to work in the US.
Role Description
Chief Information Security Officer (CISO)
Be part of a dynamic, talent-oriented and engaging Corporate Security & IT/OT ecosystem , the vibrant Science & Technology Company.
Your Role:
As Chief Information Security Officer, you will report directly to the group’s Chief Security Officer and lead theMerck Information Security Office, an emerging organization of about60 FTE. You set the future vision for a comprehensive digital and non-digital Information Security strategy. You are responsible for shaping and managing the global Information Security landscape and process at Merck. You serve as a strategic advisor on security, compliance, and risks in all company data, IT, and OT activities and projects. You define the group-wide policies in line with industry best practices, applicable laws and regulations. Internally and towards third parties, you proactively conduct, follow-up and report to senior management and executive board members on risk and threat analyses ensuring protection of the company and compliance with Information Security policies. You interact with, coordinate and drive Information Security related topics and projects with cross-functional interface partners. You engage with business stakeholders to identify acceptable levels of risk and to raise awareness of risk management concerns. With your team you provide central security services to all sectors, support business projects in following the security processes and achieving their security objectives, drive the Information Security risk management processes, measure and report on Information Security, detect and manage vulnerabilities and incidents, and provide security awareness and trainings.
Key Responsibilities:
- You are the trusted advisor and in-depth investigator on all security related topics and act as trusted interface with the whole security ecosystem of Merck
- You manage the corporate-wide Information Security management program and serve as the process owner of all central security activities related to the availability, integrity, and confidentiality of information assets and define the company's Information Security policies
- You set priorities for the global Information Security program which are mission-critical for Merck
- You regularly report on the status of the Information Security program to the groupCSO, CIO, sector management, sector manufacturing heads and executive board
- You interact with cross-functional stakeholders to ensure the consistent application of policies and standards across all relevant projects, systems, and services
- You develop, implement, and monitor a strategic and comprehensive Information Security risk management program, in line with the corporate risk management framework
- You design prevention programs for threats and exposures
- You provide leadership to the Information Security organization and guide it to ensure consistent, high-quality Information Security management supporting business goals
- You influence relevant stakeholders in a matrix organization to significantly drive Information Security topics and raise awarenessof risk management concerns
- You contribute to current knowledge and create a future vision for structure, people, processes and technology to ensure data and system security
- You engage and represent the Merck central Information Security function in external committees and networks, towards government and law enforcement authorities
- You support the organization in preparation on how to respond to Information Security incidents, and guide the Corporate Crisis Management Team in an actual crisis with the technical expertise
Who you are:
- Master’s degree in Computer Science, Engineering or equivalent, PhD is a plus
- 10+ years of experience in IT, OT, risk management, Information Security, and compliance in a global environment
- 5+ years Team leadership experience in a multinational environment
- Information security certifications in CISSP, CISM, relevant ISO certification, Sarbanes-Oxley, Data Privacy laws, or PCIis a must
- Black Belt in Lean and Six Sigma is a plus
- Broad knowledge of industry cybersecurity standards and trends, and global frameworks, such as ISO/IEC 27001, NIST, CoBiT, IEC 62443, etc.
- Experience in incident response, data, application, and infrastructure vulnerability management
- Interest and knowledge in emerging technology, changes, and innovations in Information Security
- Excellent verbal and written communication skills in English (German is a plus)
Location: Darmstadt, Germany
Job Evaluation: Manager 5
Department: SQ-S
What we offer:We are curious minds that come from a broad range of backgrounds, perspectives, and life experiences. We celebrate all dimensions of diversity and believe that it drives excellence and innovation, strengthening our ability to lead in science and technology. We are committed to creating access and opportunities for all to develop and grow at your own pace. Join us in building a culture of inclusion and belonging that impacts millions and empowers everyone to work their magic and champion human progress!
Apply now and become a part of our diverse team!
If you would like to know more about what diversity, equity, and inclusion means to us, please visithttps://www.emdgroup.com/en/company/press-positions.html
Notice on Fraudulent Job Offers
Unfortunately, we are aware of third parties that pretend to represent our company offering unauthorized employment opportunities. If you think a fraudulent source is offering you a job, please have a look at the following information: https://www.merckgroup.com/en/careers/faqs.html
Apply Now
