MSD is a global health care leader with a diversified portfolio of prescription medicines, vaccines and animal health products.
The difference between potential and achievement lies in the spark that fuels innovation and inventiveness; this is the space where MSD has codified its 125-
year legacy. MSD’s success is backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare.
MSD’s Information Technology division partners with colleagues across the business to help serve our patients and customers around the world.
Ours is a high-energy team of dynamic, innovative individuals dedicated to advancing MSD’s contribution to global medical innovation by leveraging information and technology to efficiently advance the business by driving revenue and productivity.
Increased risks in both the information security (e.g. cyber threats, malware, etc.) and the regulated areas have required that staff possessing such skills is fully embedded within the IT organization.
The enterprise is now dependent on these security and compliance experts for identifying, escalating and remediating such IT Risks in a timely and efficient manner.
Also, emerging technologies like cloud, mobility and data analytics require strong IT Risk and Compliance early involvement.
To help meet these emerging challenges, we are seeking an energetic, forward-thinking security professional to support the development of Cyber Security Services and Analytics.
Primary job responsibilities include :
Working on PKI suite of enterprise public key infrastructure solutions, PKI management, orchestration and governance, remediation and verification, certificate authorization, and integration with enterprise applications.
Administering the Certification Authorities (CA) and Hardware Security Modules (HSM) of an industry Public Key Infrastructure (PKI) and Key Management team
Analyze, plan, co-ordinate significant infrastructure updates and product upgrades with support teams.
Coordinate testing of changes / additions to the PKI infrastructure.
Document, recommend and review PKI related projects
Supporting engineering activities, as identified, and facilitating the transition of engineering products into the operational environment
Answering technical and procedural questions for less experienced team members
Contribute to the Identity & Access Management strategy & architecture
Create a standard set of requirements, technical designs, recommended configurations and drawings necessary to design, implement and deploy our current and future state security capabilities.
Develop and execute various tests and procedures on a variety of security equipment to ensure that security systems are operating as designed.
The role requires active participation in security incident response and investigations when called upon, as well as requiring 3rd level operational support for production security solutions.
Contribute to enterprise-wide risk mitigation programs, processes and technologies
Cooperates with global IT teams and business stakeholders to assure tools are deployed with appropriate levels of protection to minimize business impact while providing effective security risk mitigation
Actively stay on top emerging cyber threats, trends and technologies.
Develops and improves process of security development practices
Utilizes knowledge of security testing tools, practices, and validation methodologies
Ensures end to end security of products through hands on testing, threat modeling, administering technical direction to software development teams, remediating risks upfront, and championing secure
Collaborates with product development teams to manage software security risks aligned with business goals
Provides troubleshooting approaches and mitigations to quickly resolve platform issues and ensures application
robustness and security
Improves and automates secure coding practices, application security requirements, training, and metrics
Minimum of 5 years of relevant work experience in an IT security position with a demonstrated record of customer focus
General understanding of cryptographic concepts
o Cryptography basics (algorithms)
o Cryptographic services and protocols (strong authentication, encryption, digital signature, time-stamping protocol)
Strong knowledge of PKI concepts, patterns and practices
o X.509 PKI architecture (CA, RA, VA )
o PKI policies (CP / CPS, key ceremonies)
o PKI standards (X.509 and CVC certificates, PKCS, PKIX, CRL, OCSP, CMP)
Working knowledge of Microsoft Certificate Services and Active Directory
Experience with certificate-enabled technologies, software and tools, such as SSL / TLS, S / MIME, Authentication, 802.
1X, Code Signing, OpenSSL, Microsoft CryptoAPI, Java Keystore
Experience with hardware administration, such as HSM, Smartcards and USB tokens
Scripting skills with PowerShell
Knowledge of TCP / IP and network protocols
Your role at MSD is integral to helping the world meet new breakthroughs that affect generations to come, and we’re counting on your skills and inventiveness to help make meaningful contributions to global medical advancement.
At MSD, we’re inventing for life.