Job Description

Senior Manager, Future Operations and Response Analyst

The Opportunity 

Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare.  Be part of an organization driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products.  Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats.  

Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our company’s IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy.

A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers.  

Role Overview 

As a part of our Company's Cyber Fusion Center (CFC), the Future Operations and Response Team (FORT) is responsible for proactively driving remediation of cyber security risks across our IT and OT infrastructure, leading the CFC’s external engagement, and establishing the CFC’s governance framework to ultimately reduce company’s attack surface and maintaining company’s proactive cybersecurity posture.

The FORT Senior Specialist (Senior Manager) will collaborate with external and internal stakeholders across international technical centers to maintain our Company’s proactive cyber security posture. They are responsible for the daily prioritization and actioning of IT/OT cyber security operations including, but not limited to, vulnerability remediation, vulnerability scanning activities, stakeholder engagement, metrics reporting, governance, and communications. The FORT Senior Specialist works closely with security operations teams, information technology teams, enterprise risk management teams, executive decision-makers, industry peers, and private/public sector intel sharing groups.  

What will you do in this role: 

Tracks vulnerabilities and misconfigurations for IT on-premises and cloud infrastructure and engages stakeholders to drive proactive remediation of time-sensitive vulnerabilities in accordance with our internal vulnerability prioritization and vulnerability remediation SLAsTracks OT vulnerabilities and security concerns and engages OT stakeholders to drive proactive remediation and a security first mindsetEnhances company’s OT cyber security posture by facilitating effective integration of threat detection, vulnerability remediation, and cyber threat intelligence across our OT environmentCommunicate frequently and effectively with many stakeholders and cross-functional teams on vulnerability and misconfiguration remediationResponsible for stakeholder engagement and remediation leveraging the ServiceNow Vulnerability Response module, including full process ownershipConducts routine and scheduled vulnerability scanning of critical assets, applications, and infrastructureMonitors and actions reported vulnerabilities by ethical hackers --this includes engagement with internal and external stakeholders to remediate the identified vulnerabilitiesResponsible for ensuring effective cyber security governance, metrics, and reporting for company’s Cyber Fusion CenterMentor and support a team of CFC employees out of the Hyderabad Tech Center. The candidate will be an escalation point for questions and guidance.Develop and implement strategies to identify, analyze, and mitigate vulnerabilities in our environment.Work with key stakeholders to improve vulnerability management processes.Improve the new ServiceNow VR module by working directly with teams to ensure that all enhancements are brought to the team’s attention and provide guidance to improve processes.Work in ServiceNow on tickets assigned to our team requesting Database, Website, and Asset vulnerability scans.Have an understanding of Security Operation Center (SOC) activity and be able to respond to cyber security incidents.Identify potential process and product improvements and drive follow-on activities.Responsible for Quality Assurance and Quality Control (QA/QC) for FORT team deliverables

What should you have: 

Education Minimum Requirement:

BA/BS or MA/MS in either Computer Science, Information Security, Information Systems, Cyber Security, or other related fields.Certifications: (not required, but preferred) CISSP, CISA, Security+, OSCP.

Required Experience and Skills: 

5+ years of experience in one or more of the following areas:Vulnerability ManagementCyber Incident ResponsePenetration TestingExcellent understanding of Cloud infrastructureExcellent verbal and written communications skills.Excellent knowledge of cloud and on-premises vulnerability/misconfiguration remediationExperience working with ticketing tools like ServiceNowExperience working with MDR solutions like Red CanaryExperience working Cloud Security Posture Management tools like WizExperience working with large data sets, using tools and scripting languages within Excel, Python, Microsoft Sentinel, and Power BI.Demonstrated ability to work independently and as part of global teams in a fast-paced global environment.Demonstrated ability to drive projects to completion and identify ways of improvement 

Our technology teams operate as business partners, proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver services and solutions that help everyone be more productive and enable innovation.

Who we are:

We are known as Merck & Co., Inc., Rahway, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world's most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world.

What we look for:

Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today.

#HYDIT2025

Current Employees apply HERE

Current Contingent Workers apply HERE

Secondary Language(s) Job Description:

To enhance the effectiveness of our newly formed Future Operations team, we propose adding a new role focused on proactive security measures and stakeholder engagement. This role will streamline remediation processes and ensure robust compliance with security policies, addressing the increasing complexity of our cloud security posture and firewall hygiene. Additionally, the new role will support the automation of notification and remediation processes, improving efficiency and reducing manual workload. By integrating these responsibilities, we aim to maintain a high-security posture and support strategic initiatives across the organization

Search Firm Representatives Please Read Carefully 
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company.  No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. 

Employee Status:

Regular

Relocation:

VISA Sponsorship:

Travel Requirements:

Flexible Work Arrangements:

Hybrid

Shift:

Valid Driving License:

Hazardous Material(s):

Required Skills:

Cyber Threat Intelligence, Digital Forensics, Penetration Testing, Security Operations, SLA Management, Vulnerability Scanning

 Preferred Skills:

Job Posting End Date:

09/4/2025

*A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.

Requisition ID:R359250