Job Description:

Join a global security operations function that protects critical applications, infrastructure and enterprise security tooling. Our Security Operations team combines ITIL-driven process discipline with hands-on technical troubleshooting to detect, contain and remediate security risks across identity, endpoint, network and cloud platforms. As threats evolve and new technologies emerge, we’re the first line of defense—stabilizing operations and enabling secure business outcomes.

Role purpose
We’re looking for a reliable, technically curious 24x7 Security Operations Analyst to deliver consistent, high-quality platform support across all shifts. You’ll independently triage standard alerts and service requests, coordinate with engineering and operations teams, and help keep security tools healthy and available. This role requires sound judgment, good communication, and a drive to improve runbooks and operational playbooks over time.

What you’ll do (key responsibilities):

• Manage IT security platforms and ensure tools remain operational with minimal downtime
• Independently triage and resolve standard L1 alerts and service requests; perform solid initial investigations before escalation
• Act as the security liaison for Engineering and Operations and collaborate with underpinning service teams and external partners
• Support ITRMS use-case development, maintain the roadmap, catalogue and backlog
• Ensure alignment with platform governance, SDLC and ITIL processes
• Monitor product usage and performance; identify and track recurring issues and propose runbook improvements
• Correlate security incidents, events, service requests and work orders to determine business impact when possible
• Contain and resolve incidents or collect evidence and context for escalation following approved prioritization processes
• Use Service Now and other reporting tools to manage cases, SLAs and lifecycle workflows
• Handle agent/sensor/scanning and ingestion issues at L1 and escalate appropriately with context and evidence
• Contribute to shift coordination and operational continuity; mentor and guide junior analysts during shifts

Vendors and platforms — good to have:

• Mc Afee / Trellix: ePO, HIPS, ENS, VSE, Solidcore
• Crowd Strike (Falcon)
• Microsoft Security Suite, primarily Microsoft Defender
• Cylance
• Cisco FireAMP
• Zscaler
• Splunk

What we’re looking for (qualifications):

• Solid understanding of security operations workflows and incident handling
• Knowledge of endpoint and network security concepts and tooling
• Familiarity with Service Now and ITIL framework; experience with security product governance a plus
• Experience with one or more of the vendors/platforms listed above is highly desirable
• Ability to correlate signals across platforms and perform independent problem analysis to identify root causes
• Strong written and verbal English communication; able to explain technical issues to diverse audiences clearly and authoritatively
• Comfortable working under pressure, with professional presence and sound prioritization skills
• Team-focused, adaptable, self-motivated and energetic; able to work effectively with diverse stakeholders
• Familiarity with regulatory considerations (e.g., PCI, GDPR) is desirable
• Education: BS in Information Security, Computer Science, Engineering or equivalent experience

What we offer:

• Hybrid work environment with flexibility
• Competitive salary and benefits package
• 24/7 rotational shift structure with strong team-based support and clear escalation paths
• Opportunities for professional growth, certifications and ongoing training in modern security technologies
• Collaborative, dynamic team where your contributions directly improve operational resilience

How to apply:

If you’re ready to be part of a security-first operations team that values technical rigor and continuous improvement, we’d love to hear from you. Please submit your CV and a short note describing a security incident you helped resolve and what you learned from it.

Required Skills:

Availability Management, Backlog Management, Change Controls, Emerging Technologies, Incident Management, Infectious Disease, Information Technology (IT) Risk Management, IT Project Lifecycle, IT Security Governance, Management System Development, Motivation Management, Problem Management, Quality Assurance (QA), Security Incident Management, Security Technologies, Self Motivation, Service Delivery, Services Management, SLA Management, Software Configurations, Software Development Life Cycle (SDLC), Testing, Works Under Pressure

Preferred Skills:

Current Employees apply HERE

Current Contingent Workers apply HERE

Search Firm Representatives Please Read Carefully
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.

Employee Status:

Regular

Relocation:

No relocation

VISA Sponsorship:

No

Travel Requirements:

No Travel Required:

Flexible Work Arrangements:

Hybrid

Shift:

• 1st
• Day, 2nd
• Evening, 3rd
• Night

Valid Driving License:

No

Hazardous Material(s):

n/a

Job Posting End Date:

05/18/2026

**A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.