Associate Director for Architecture, IT Risk Management and Security

Job Description

Job Description

We are seeking a highly skilled Security Architect with a strong background in designing resilient and highly available cloud-hybrid systems. In this role you will be responsible for working with business and technology architects and IT leaders to help drive technology optimization, align teams to overall Security and Compliance Strategy and drive technology and architecture blueprints re-use.

The ideal candidate would be self-driven and able to work with little supervision.

Key responsibilities:

• Design and Implementation: Designing robust and scalable cloud-hybrid systems that ensure high availability and resilience in a medium to large organization.
• Oversee PoCs and discovery efforts: Help initiating, driving or overseeing PoC and discovery efforts allowing the company to protect against emerging threats and address controls deficiencies
• Defining Security architecture principles, patterns and blueprints: Prepare reusable architectural artifacts in the form of design diagrams, IaC or infographics.
• Strategic alignment: Collaborate with cross-functional teams to influence and define roadmaps and strategies, ensuring alignment with organizational strategy and company’s goals.
• Stakeholder Engagement: Build and maintain strong interpersonal relationships, leveraging exceptional networking and influencing skills to navigate cross-culturally with a diverse range of stakeholders, both internally and externally.
• Train & educate technical architects on security best practices and broker knowledge sharing within the Security Architecture community.

Required Experience and qualification:

• Experience working in a large enterprise, driving outcomes by influencing various IT and business teams, business and technology architects, IT and divisional leaders.
• Experience working within a Scaled Agile Framework (SAFe), Product Model and Agile teams.
• Proven Expertise in Security Architecture and Threat Modeling: Demonstrated experience in designing and implementing security architectures, particularly within hybrid environments that integrate on-premises and cloud solutions. Ability to assess risks and develop strategies to mitigate threats effectively.
• Strong understanding of core IT Security disciplines: Knowledge of IAM, Network Security, Endpoint Security, Security Operations, Risk and compliance
• Strong Grasp of Architectural Principles and Technologies: Deep familiarity with modern architectural methodologies including serverless architectures, microservices, and the principles of DevSecOps. Ability to leverage these technologies to deliver innovative and effective security solutions that align with business goals.
• Analytical and Problem-Solving Skills: Exceptional analytical skills coupled with a strong aptitude for problem-solving. A proactive mindset focused on innovation and the continuous improvement of security practices.
• Effective Communication and Collaboration Skills: Excellent verbal and written communication abilities, allowing for effective collaboration with both technical teams and non-technical stakeholders. Capable of educating teams on complex security concepts in a clear and concise manner.

Preferred experience and qualification:

• In-Depth Understanding of Modern Security Paradigms: Comprehensive knowledge of contemporary security approaches, such as Zero Trust architecture, to ensure robust security in digital environments.
• Hands-On Experience with Cybersecurity Standards and Frameworks: Practical application of established cybersecurity standards and frameworks, including NIST Cybersecurity Framework (NIST CSF), Center for Internet Security (CIS) Critical Security Controls, ISO 27000 series, and NIS2 Directive, to enhance organizational security posture.
• Training and certifications aligned with the job description
  • e.g. ISC2 CISSP certification
  • e.g. GIAC relevant certifications
  • e.g. ISACA CISM or CISA
  • e.g. CCSK or Cloud Architecture Certifications (AWS, Azure, GCP)

What we offer:

• Exciting work in a great team, global projects, international environment,
• Opportunity to learn and grow professionally within the company globally,
• Hybrid working model, flexible role pattern (e.g., even 80% full-time is possible in justified cases),
• Pension and health insurance contributions,
• Internal reward system plus referral program,
• 5 weeks annual leave, 5 sick days, 15 days of certified sick leave paid above statutory requirements annually, 40 paid hours annually for volunteering activities, 12 weeks of parental contribution,
• Cafeteria for tax free benefits according to your choice (meal vouchers, Lítačka, sport, culture, health, travel, etc.), Multisport Card,
• Vodafone, Raiffeisen Bank, Foodora, and Mall.cz discount programs,
• Up-to-date laptop and iPhone,
• Parking in the garage, showers, refreshments, massage chairs, library, music corner,
• Competitive salary, incentive pay, and many more. 

 
Ready to take up the challenge? Apply now! 
Know anybody who might be interested? Refer this job!

Current Employees apply HERE

Current Contingent Workers apply HERE

Search Firm Representatives Please Read Carefully 
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company.  No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. 

Employee Status:

Relocation:

VISA Sponsorship:

Travel Requirements:

Flexible Work Arrangements:

Shift:

Valid Driving License:

Hazardous Material(s):

Job Posting End Date:

*A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.