Head of Cyber Protection & Digital Asset Security / all genders / Part-fulltime
Darmstadt, Hessen, DE, 64293
Merck Group
Work Your Magic with us!
Ready to explore, break barriers, and discover more? We know you’ve got big plans – so do we! Our colleagues across the globe love innovating with science and technology to enrich people’s lives with our solutions in Healthcare, Life Science, and Electronics. Together, we dream big and are passionate about caring for our rich mix of people, customers, patients, and planet. That's why we are always looking for curious minds that see themselves imagining the unimaginable with us.
Everything we do in Electronics is to help us deliver on our purpose of being the company behind the companies, advancing digital living. We are dedicated to being the trusted supplier of high-tech materials, services and specialty chemicals for the electronics, automotive and cosmetics industries. We foster a global collaborative organization made up of individuals who have the passion to win, obsess about the customer, are relentlessly curious and act with urgency. Together, we push the boundaries of science to make more possible for our customers.
Your role:
As the Head of Cyber Protection & Digital Asset Security, you play a pivotal role within Electronics (EL) Cyber Security team, reporting directly to the EL CISO. You are part of the EL Cyber Security team, interfacing with the EL business and corporate Cyber Security team. You lead a team overseeing identity and access control, endpoint protection, and ensuring effective response and recovery processes. You contribute to the evolution of technical capabilities, particularly in operational technology (OT) environments, with close alignment to our corporate Cyber Security. Your role is crucial in protecting our EL IT and OT assets, software-based products, and applications and maintain a robust Cyber Security posture. Key Responsibilities: Lead a team developing of and supporting in implementation of principles and strategies for network & endpoint security, including system hardening, patch management, and threat mitigation as well as security for business applications, SAP systems, cloud environments, and digital products. Oversee development of incident response and recovery plans for IT and OT assets, software-based products, and applications. Communicate the vision for business application security, maintain guidelines, secure SDLC, and implement CI/CD security controls. Collaborate with engineering teams to address vulnerabilities and oversee penetration testing. Oversee SAP security strategies, including user access management and maintaining security settings. Define and improve the cloud security governance framework, ensure compliance, and engage with new cloud technologies.
Who you are:
- A minimum of 8 years of experience in Cyber Security, with at least 3 years in a leadership role focusing on application and infrastructure security following industry standards and regulatory requirements (e.g. ISO27000, NIST CSF, NIS2, PCI DSS, KRITIS / B3S PHARMA).
- Demonstrated experience in developing and implementing security strategies and measures in applications and infrastructure. In-depth knowledge of security measures and tools to protect SAP, Cloud Environments and Digital Products in IT and OT, software-based products, and applications considered as a plus.
- Demonstrated expertise in developing and implementing incident response and recovery strategies.
- Strong analytical and problem-solving skills with the ability to assess complex security issues and develop effective solutions.
- 1 or more industry-recognized security, or audit professional certifications (e.g. CISA, CISM, CISSP, CCSP).
- Understanding of the specific security challenges and regulatory requirements of the chemical and semiconductor industry, including production facilities, is a plus.
- Excellent verbal and written communication skills in English (German is a plus).
What we offer: We are curious minds that come from a broad range of backgrounds, perspectives, and life experiences. We celebrate all dimensions of diversity and believe that it drives excellence and innovation, strengthening our ability to lead in science and technology. We are committed to creating access and opportunities for all to develop and grow at your own pace. Join us in building a culture of inclusion and belonging that impacts millions and empowers everyone to work their magic and champion human progress!
Apply now and become a part of our diverse team!
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security CCSP CI/CD CISA CISM CISO CISSP Cloud Compliance Endpoint security Governance Incident response ISO 27000 NIS2 NIST PCI DSS Pentesting SAP SDLC Vulnerabilities
Perks/benefits: Career development
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.