Job Details
Senior Specialist, Cybersecurity Engineering
**Job Description**
**Privileged Access Management (PAM) Engineer (R3)**
We are looking for a dynamic professional to join our IT Risk Management & Security team as a Privileged Access Management (PAM) Engineer (R3). This IAM role focuses on privileged access, secrets management, API security, and related identity security functions. If you are passionate about cybersecurity and want to contribute to a team that is at the forefront of protecting our company's critical assets, this role is for you.
**Responsibilities**
+ Design, implement, and operate enterprise Privileged Access Management (PAM) solutions, including privileged account administration across on-premises and cloud environments
+ Serve as a subject matter expert for PAM technologies, contributing to standards, secure patterns, and best practices across applications, infrastructure, and platforms
+ Administer, monitor, patch, and support PAM platforms to ensure stability, security, and uninterrupted production operations
+ Partner with application, infrastructure, security, and vendor teams to gather requirements, evaluate technologies, remediate gaps, and drive continuous improvement
+ Produce and maintain technical documentation, architecture diagrams, and solution designs, including integration with automation, CI/CD pipelines, and third-party systems
**Minimum Qualifications** Required:
+ Bachelor's degree required in a related field
+ 3+ years delivering PAM solutions in enterprise settings
+ Skilled in PAM platforms (e.g., Delinea, CyberArk, BeyondTrust)
+ End-to-end design and implementation of PAM services and processes
+ Deep understanding of PAM concepts and enterprise deployment across on-prem/hybrid environments platforms
+ Strong analytical and independent problem-solving skills
+ Effective at managing multiple priorities and adapting to change
+ Clear written, verbal, and interpersonal communicator for technical and non-technical audiences
+ Experienced working within large, global matrixed organizations
**Preferred**
+ Experience in large healthcare or regulated environments
+ Strong understanding of cybersecurity principles, SDLC, and cloud-native security controls
+ Hands-on experience with identity platforms (Active Directory, Entra ID), cloud identity management, and HashiCorp Vault
+ Familiarity with ServiceNow for change and incident management, and experience automating tasks using PowerShell
+ Knowledge of relevant standards and frameworks (NIST, ITIL)
+ Industry-recognized certifications in information, application, or cloud security (e.g., CISSP, Security+)
**Required Skills:**
Accountability, Accountability, Automation in Systems Integration, Certificate Services, Cloud Security, Cybersecurity, Cybersecurity Analytics, Cybersecurity Operations, Delivery of Security Applications, Design Applications, Identity Access Management (IAM), Incident Management, Incident Response, Information Security, Information Systems Management, Information Technology (IT) Risk Management, Information Technology Project Management, IT Risk Assessments, Network Segmentation, Operational Technology (OT) Security, Privileged Access Management (PAM), Privileged Access Management Operations, Security Analytics, Security Compliance, Security Management {+ 6 more}
**Preferred Skills:**
Current Employees apply HERE (https://wd5.myworkday.com/msd/d/task/1422$6687.htmld)
Current Contingent Workers apply HERE (https://wd5.myworkday.com/msd/d/task/1422$4020.htmld)
**US and Puerto Rico Residents Only:**
Our company is committed to inclusion, ensuring that candidates can engage in a hiring process that exhibits their true capabilities. Please click here (https://survey.sogosurvey.com/r/aCdfqL) if you need an accommodation during the application or hiring process.
As an Equal Employment Opportunity Employer, we provide equal opportunities to all employees and applicants for employment and prohibit discrimination on the basis of race, color, age, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or other applicable legally protected characteristics. As a federal contractor, we comply with all affirmative action requirements for protected veterans and individuals with disabilities. For more information about personal rights under the U.S. Equal Opportunity Employment laws, visit:
EEOC Know Your Rights (https://www.eeoc.gov/sites/default/files/2022-10/22-088\_EEOC\_KnowYourRights\_10\_20.pdf)
EEOC GINA Supplement?
We are proud to be a company that embraces the value of bringing together, talented, and committed people with diverse experiences, perspectives, skills and backgrounds. The fastest way to breakthrough innovation is when people with diverse ideas, broad experiences, backgrounds, and skills come together in an inclusive environment. We encourage our colleagues to respectfully challenge one another's thinking and approach problems collectively.
Learn more about your rights, including under California, Colorado and other US State Acts (https://www.msdprivacy.com/us/en/CCPA-notice/)
**U.S. Hybrid Work Model**
Effective September 5, 2023, employees in office-based positions in the U.S. will be working a Hybrid work consisting of three total days on-site per week, Monday - Thursday, although the specific days may vary by site or organization, with Friday designated as a remote-working day, unless business critical tasks require an on-site presence.This Hybrid work model does not apply to, and daily in-person attendance is required for, field-based positions; facility-based, manufacturing-based, or research-based positions where the work to be performed is located at a Company site; positions covered by a collective-bargaining agreement (unless the agreement provides for hybrid work); or any other position for which the Company has determined the job requirements cannot be reasonably met working remotely. Please note, this Hybrid work model guidance also does not apply to roles that have been designated as "remote".
The salary range for this role is
$117,000.00 - $184,200.00
This is the lowest to highest salary we in good faith believe we would pay for this role at the time of this posting. An employee's position within the salary range will be based on several factors including, but not limited to relevant education, qualifications, certifications, experience, skills, geographic location, government requirements, and business or organizational needs.
The successful candidate will be eligible for annual bonus and long-term incentive, if applicable.
We offer a comprehensive package of benefits. Available benefits include medical, dental, vision healthcare and other insurance benefits (for employee and family), retirement benefits, including 401(k), paid holidays, vacation, and compassionate and sick days. More information about benefits is available at https://jobs.merck.com/us/en/compensation-and-benefits .
You can apply for this role through https://jobs.merck.com/us/en (or via the Workday Jobs Hub if you are a current employee). The application deadline for this position is stated on this posting.
**San Francisco Residents Only:** We will consider qualified applicants with arrest and conviction records for employment in compliance with the San Francisco Fair Chance Ordinance
**Los Angeles Residents Only:** We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance
**Search Firm Representatives Please Read Carefully**
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.
**Employee Status:**
Regular
**Relocation:**
No relocation
**VISA Sponsorship:**
No
**Travel Requirements:**
10%
**Flexible Work Arrangements:**
Remote
**Shift:**
1st - Day
**Valid Driving License:**
No
**Hazardous Material(s):**
n/a
**Job Posting End Date:**
03/21/2026
***A job posting is effective until 11:59:59PM on the day** **BEFORE** **the listed job posting end date. Please ensure you apply to a job posting no later than the day** **BEFORE** **the job posting end date.**
**Requisition ID:** R387594
**Privileged Access Management (PAM) Engineer (R3)**
We are looking for a dynamic professional to join our IT Risk Management & Security team as a Privileged Access Management (PAM) Engineer (R3). This IAM role focuses on privileged access, secrets management, API security, and related identity security functions. If you are passionate about cybersecurity and want to contribute to a team that is at the forefront of protecting our company's critical assets, this role is for you.
**Responsibilities**
+ Design, implement, and operate enterprise Privileged Access Management (PAM) solutions, including privileged account administration across on-premises and cloud environments
+ Serve as a subject matter expert for PAM technologies, contributing to standards, secure patterns, and best practices across applications, infrastructure, and platforms
+ Administer, monitor, patch, and support PAM platforms to ensure stability, security, and uninterrupted production operations
+ Partner with application, infrastructure, security, and vendor teams to gather requirements, evaluate technologies, remediate gaps, and drive continuous improvement
+ Produce and maintain technical documentation, architecture diagrams, and solution designs, including integration with automation, CI/CD pipelines, and third-party systems
**Minimum Qualifications** Required:
+ Bachelor's degree required in a related field
+ 3+ years delivering PAM solutions in enterprise settings
+ Skilled in PAM platforms (e.g., Delinea, CyberArk, BeyondTrust)
+ End-to-end design and implementation of PAM services and processes
+ Deep understanding of PAM concepts and enterprise deployment across on-prem/hybrid environments platforms
+ Strong analytical and independent problem-solving skills
+ Effective at managing multiple priorities and adapting to change
+ Clear written, verbal, and interpersonal communicator for technical and non-technical audiences
+ Experienced working within large, global matrixed organizations
**Preferred**
+ Experience in large healthcare or regulated environments
+ Strong understanding of cybersecurity principles, SDLC, and cloud-native security controls
+ Hands-on experience with identity platforms (Active Directory, Entra ID), cloud identity management, and HashiCorp Vault
+ Familiarity with ServiceNow for change and incident management, and experience automating tasks using PowerShell
+ Knowledge of relevant standards and frameworks (NIST, ITIL)
+ Industry-recognized certifications in information, application, or cloud security (e.g., CISSP, Security+)
**Required Skills:**
Accountability, Accountability, Automation in Systems Integration, Certificate Services, Cloud Security, Cybersecurity, Cybersecurity Analytics, Cybersecurity Operations, Delivery of Security Applications, Design Applications, Identity Access Management (IAM), Incident Management, Incident Response, Information Security, Information Systems Management, Information Technology (IT) Risk Management, Information Technology Project Management, IT Risk Assessments, Network Segmentation, Operational Technology (OT) Security, Privileged Access Management (PAM), Privileged Access Management Operations, Security Analytics, Security Compliance, Security Management {+ 6 more}
**Preferred Skills:**
Current Employees apply HERE (https://wd5.myworkday.com/msd/d/task/1422$6687.htmld)
Current Contingent Workers apply HERE (https://wd5.myworkday.com/msd/d/task/1422$4020.htmld)
**US and Puerto Rico Residents Only:**
Our company is committed to inclusion, ensuring that candidates can engage in a hiring process that exhibits their true capabilities. Please click here (https://survey.sogosurvey.com/r/aCdfqL) if you need an accommodation during the application or hiring process.
As an Equal Employment Opportunity Employer, we provide equal opportunities to all employees and applicants for employment and prohibit discrimination on the basis of race, color, age, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or other applicable legally protected characteristics. As a federal contractor, we comply with all affirmative action requirements for protected veterans and individuals with disabilities. For more information about personal rights under the U.S. Equal Opportunity Employment laws, visit:
EEOC Know Your Rights (https://www.eeoc.gov/sites/default/files/2022-10/22-088\_EEOC\_KnowYourRights\_10\_20.pdf)
EEOC GINA Supplement?
We are proud to be a company that embraces the value of bringing together, talented, and committed people with diverse experiences, perspectives, skills and backgrounds. The fastest way to breakthrough innovation is when people with diverse ideas, broad experiences, backgrounds, and skills come together in an inclusive environment. We encourage our colleagues to respectfully challenge one another's thinking and approach problems collectively.
Learn more about your rights, including under California, Colorado and other US State Acts (https://www.msdprivacy.com/us/en/CCPA-notice/)
**U.S. Hybrid Work Model**
Effective September 5, 2023, employees in office-based positions in the U.S. will be working a Hybrid work consisting of three total days on-site per week, Monday - Thursday, although the specific days may vary by site or organization, with Friday designated as a remote-working day, unless business critical tasks require an on-site presence.This Hybrid work model does not apply to, and daily in-person attendance is required for, field-based positions; facility-based, manufacturing-based, or research-based positions where the work to be performed is located at a Company site; positions covered by a collective-bargaining agreement (unless the agreement provides for hybrid work); or any other position for which the Company has determined the job requirements cannot be reasonably met working remotely. Please note, this Hybrid work model guidance also does not apply to roles that have been designated as "remote".
The salary range for this role is
$117,000.00 - $184,200.00
This is the lowest to highest salary we in good faith believe we would pay for this role at the time of this posting. An employee's position within the salary range will be based on several factors including, but not limited to relevant education, qualifications, certifications, experience, skills, geographic location, government requirements, and business or organizational needs.
The successful candidate will be eligible for annual bonus and long-term incentive, if applicable.
We offer a comprehensive package of benefits. Available benefits include medical, dental, vision healthcare and other insurance benefits (for employee and family), retirement benefits, including 401(k), paid holidays, vacation, and compassionate and sick days. More information about benefits is available at https://jobs.merck.com/us/en/compensation-and-benefits .
You can apply for this role through https://jobs.merck.com/us/en (or via the Workday Jobs Hub if you are a current employee). The application deadline for this position is stated on this posting.
**San Francisco Residents Only:** We will consider qualified applicants with arrest and conviction records for employment in compliance with the San Francisco Fair Chance Ordinance
**Los Angeles Residents Only:** We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance
**Search Firm Representatives Please Read Carefully**
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.
**Employee Status:**
Regular
**Relocation:**
No relocation
**VISA Sponsorship:**
No
**Travel Requirements:**
10%
**Flexible Work Arrangements:**
Remote
**Shift:**
1st - Day
**Valid Driving License:**
No
**Hazardous Material(s):**
n/a
**Job Posting End Date:**
03/21/2026
***A job posting is effective until 11:59:59PM on the day** **BEFORE** **the listed job posting end date. Please ensure you apply to a job posting no later than the day** **BEFORE** **the job posting end date.**
**Requisition ID:** R387594
Job #NLX289055013