Cyber Security Governance Expert (all genders)

Posted 08 Nov 2022

Darmstadt, Hessen - Germany

Req Id 255956


A career at our company is an ongoing journey of discovery: our 60,300 people are shaping how the world lives, works and plays through next generation advancements in Healthcare, Life Science and Electronics. For more than 350 years and across the world we have passionately pursued our curiosity to find novel and vibrant ways of enhancing the lives of others.


Your Role: The Cyber Security Governance Expert position is an integral member of our Group Cyber Security organization. In this role, you will lead the development of our company’s Cyber Security Governance Policy and Control Framework in line with industry standards, regulatory requirements, and best practices to protect confidentiality, integrity, and availability across our company’s IT and OT assets, software-based products, and applications. As a member of the Cyber Security Strategy, Governance, Assurance, and Risk Management team, your main responsibilities are:

  • Lead the development and enhancement of the Cyber Security Governance Policy and Control Framework in line with industry standards, regulatory requirements and best practices
  • Promote stakeholder consensus on the Governance Policies and Controls to guide good Cyber Security hygiene and staff behaviors across all domains of IT, OT, IoT and software-based products
  • Partner with management and assist them in implementing a sustainable Cyber Security Governance program
  • Work with business professionals around the globe to raise awareness for and assist them in interpreting the Cyber Security standards
  • Conduct Cyber Security audits and control effectiveness reviews (also with external partners) to verify and ensure that stakeholders throughout Merck adhere to relevant Cyber Security requirements


Who you are:

  • Bachelor’s degree or equivalent in intelligence studies, computer science, engineering or related field.
  • Minimum of 5 years experience with a focus on industry standards and regulatory requirements (e.g. ISO/IEC 27002, TÜVIT Trusted Site Infrastructure (v4), PCI DSS, CIS CSC, NIST SP 800-64 R2, HIPAA or KRITIS / B3S PHARMA)
  • Strong analytical and interpersonal communication skills, including the ability to communicate effectively and build consensus with teams across organizational lines
  • Demonstrated experience across multiple information security domains preferred (e.g. IT, OT, IoT and products)
  • Expertise in conducting Cyber Security audits (also with external partners) with the ability to derive and implement actions in order to close identified gaps in alignment with affected business areas
  • 1 or more industry-recognized security, or audit professional certifications (e.g. CISA, CISM, CISSP, CCSP)
  • Professional with a positive attitude and capable of contributing to a dynamic and team-oriented culture
  • Fluent in English, additional language skills (e.g. German) considered as an advantage

What we offer: We are curious minds that come from a broad range of backgrounds, perspectives, and life experiences. We celebrate all dimensions of diversity. We believe that it drives excellence, innovation, and human progress. We care about our customers, patients, and our rich mix of people. This diversity strengthens our ability to lead in science and technology. We are committed to creating access and opportunities for all and empower you to fulfil your ambitions. Our diverse businesses offer various career moves to seek new horizons. Join us in building a culture of inclusion and belonging that impacts millions and empowers everyone to bring their curiosity to life!

Careers during Covid-19

Thank you for visiting our careers website, we are always looking for curious minds to join our teams. We understand how much the world is being impacted by the Covid-19 crisis and we want to assure you that your safety is very important to us. To ensure that everyone’s health is protected, instead of a standard face-to-face interview, it is likely that you will be offered alternative digital interview options. As an employee of the Company, you will be required to comply with all of the Company’s COVID-19 safety protocols and policies. The organization has currently suspended enforcement of its COVID-19 Vaccination Policy, but that policy may be reinstated by the Company in its discretion.

North America Disclosure

The Company is committed to accessibility in its workplaces, including during the job application process. Applicants who may require accommodation during the application process should speak with our Candidate Services team at 844-655-6466 from 8:00am to 5:30pm ET Monday through Friday. If you are a resident of a Connecticut or Colorado, you are eligible to receive additional information about the compensation and benefits, which we will provide upon request. You may contact 855 444 5678 from 8:00am to 5:30pm ET Monday through Friday, for assistance.

Notice on Fraudulent Job Offers

Unfortunately, we are aware of third parties that pretend to represent our company offering unauthorized employment opportunities. If you think a fraudulent source is offering you a job, please have a look at the following information:

Apply Now

Let’s stay connected

You want to check the status of your application or change your candidate profile? Enter our job portal to access your candidate profile.