Director Technology Risk Management

Job Description

This role provides risk governance for all IT and OT systems in our Company's Research Labs division, fostering a secure, compliant, and risk-aware culture. Additionally, the BIRO maintains a continuous feedback loop with the Information Technology Risk Management & Security (ITRMS) team to enhance and align the risk management processes to the business goals.

The ideal candidate will possess deep technical expertise, a strong understanding of business operations, and excellent leadership and stakeholder management skills. S/he must be able to translate complex security concepts into business language and influence stakeholders to drive a risk-aware culture across our Company Research Labs division organization.

Primary Responsibilities:

1. Strategic Leadership & Business Partnership

• Serve as the primary cybersecurity and risk advisor to our Company Research Labs division, aligning security strategies with the business priorities.

• Provide executive-level risk insights and recommendations to leadership in our Company Research Labs division.

• Ensure security and risk management practices are embedded in business processes, digital transformation initiatives, and operational decision-making.

• Act as a bridge between ITRMS and our Company Research Labs division, translating technical risks into business impact.

2. Risk Management & Governance

• Drive compliance with applicable global regulations and internal security policies by tailoring the requirements to our Company Research Labs division’s operational and regulatory context.

• Identify, design and help Implement risk-based security solutions that are practical, effective, and aligned with our Company Research Labs division business priorities.

• Stay updated on new and emerging technologies (e.g., AI and Quantum) and new laws and regulations, and to understand their impacts on the business.

3. Technical Expertise & Cyber Resilience

• Work in unison with our Company Research Labs division IT Value Teams to establish secure design, implementation, and monitoring of IT and OT systems, applications, and cloud environments.

• Proactively identify opportunities to improve cyber resilience capabilities of our Company Research Labs division IT and OT systems.

• Support the Cyber Fusion Center in handling Cyber incidents related to our Company Research Labs division

• Understand emerging cyber threats, vulnerabilities, and attack vectors, and establish proactive risk mitigation strategies.

4. Leadership, Influence & Culture Building

• Influence our Company Research Labs division stakeholders to foster a security-conscious culture without impeding business agility.

• Drive security awareness programs that resonate with business functions.

• Lead, mentor, and develop a high-performing risk and security team

• Demonstrates high emotional intelligence (EQ) and executive presence (EP), effectively engaging with senior executives and key stakeholders.

Education and Experience Requirements:

• Bachelor’s Degree in one or more of the following fields: information technology, cyber security, computer science, business administration, communications, or related field.

• Risk or security certification credentials (CISSP, GSEC, CISA, CISM etc.) are desired but not mandatory

• 10+ years’ experience working in one or more of the following fields: cybersecurity, IT risk management, IT compliance, IT audit, information technology, or a related field.

• 5+ years’ experience leading global teams in a management or leadership role, particularly in a fast-paced, service-oriented environment. (desired but not mandatory)

• Prior experience in the healthcare industry, with an understanding of the unique challenges in securing OT and IT systems. (desired but not mandatory)

Key Competencies

• ✅ Technical Depth & Business Acumen – Ability to blend security knowledge with business understanding.

• ✅ Problem-Solving Mindset – Proactive, strategic, and solutions-oriented approach.

• ✅ Change Management – Experience driving security transformation across the supported organization.

• ✅ Influence & Executive Presence (EP) – Strong stakeholder management and leadership skills.

• ✅ High Emotional Intelligence (EQ) – Ability to navigate complex organizational dynamics.

Current Employees apply HERE

Current Contingent Workers apply HERE

US and Puerto Rico Residents Only:

Our company is committed to inclusion, ensuring that candidates can engage in a hiring process that exhibits their true capabilities. Please click here if you need an accommodation during the application or hiring process.

We are an Equal Opportunity Employer, committed to fostering an inclusive and diverse workplace.  All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status, or other applicable legally protected characteristics.  For more information about personal rights under the U.S. Equal Opportunity Employment laws, visit:

EEOC Know Your Rights

EEOC GINA Supplement​

Pay Transparency Nondiscrimination

We are proud to be a company that embraces the value of bringing diverse, talented, and committed people together. The fastest way to breakthrough innovation is when diverse ideas come together in an inclusive environment. We encourage our colleagues to respectfully challenge one another’s thinking and approach problems collectively.

Learn more about your rights, including under California, Colorado and other US State Acts

U.S. Hybrid Work Model

Effective September 5, 2023, employees in office-based positions in the U.S. will be working a Hybrid work consisting of three total days on-site per week, Monday - Thursday, although the specific days may vary by site or organization, with Friday designated as a remote-working day, unless business critical tasks require an on-site presence.This Hybrid work model does not apply to, and daily in-person attendance is required for, field-based positions; facility-based, manufacturing-based, or research-based positions where the work to be performed is located at a Company site; positions covered by a collective-bargaining agreement (unless the agreement provides for hybrid work); or any other position for which the Company has determined the job requirements cannot be reasonably met working remotely. Please note, this Hybrid work model guidance also does not apply to roles that have been designated as “remote”.

The Company is required to provide a reasonable estimate of the salary range for this job in certain states and cities within the United States. Final determinations with respect to salary will take into account a number of factors, which may include, but not be limited to the primary work location and the chosen candidate’s relevant skills, experience, and education.

Expected US salary range:

Available benefits include bonus eligibility, long term incentive if applicable, health care and other insurance benefits (for employee and family), retirement benefits, paid holidays, vacation, and sick days. A summary of benefits is listed here.

San Francisco Residents Only: We will consider qualified applicants with arrest and conviction records for employment in compliance with the San Francisco Fair Chance Ordinance

Los Angeles Residents Only: We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance

Search Firm Representatives Please Read Carefully 
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company.  No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. 

Employee Status:

Relocation:

VISA Sponsorship:

Travel Requirements:

Flexible Work Arrangements:

Shift:

Valid Driving License:

Hazardous Material(s):

Job Posting End Date:

*A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.