Senior PKI Engineer
Merck Sharp & Dohme Corp
Prague, CZ
před 3 dny


MSD is a global health care leader with a diversified portfolio of prescription medicines, vaccines and animal health products.

The difference between potential and achievement lies in the spark that fuels innovation and inventiveness; this is the space where MSD has codified its 125-

year legacy. MSD’s success is backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare.

MSD’s Information Technology division partners with colleagues across the business to help serve our patients and customers around the world.

Ours is a high-energy team of dynamic, innovative individuals dedicated to advancing MSD’s contribution to global medical innovation by leveraging information and technology to efficiently advance the business by driving revenue and productivity.

Increased risks in both the information security (e.g. cyber threats, malware, etc.) and the regulated areas have required that staff possessing such skills is fully embedded within the IT organization.

The enterprise is now dependent on these security and compliance experts for identifying, escalating and remediating such IT Risks in a timely and efficient manner.

Also, emerging technologies like cloud, mobility and data analytics require strong IT Risk and Compliance early involvement.

To help meet these emerging challenges, we are seeking an energetic, forward-thinking security professional to support the development of Cyber Security Services and Analytics.

Primary job responsibilities include :

  • Working on PKI suite of enterprise public key infrastructure solutions, PKI management, orchestration and governance, remediation and verification, certificate authorization, and integration with enterprise applications.
  • Administering the Certification Authorities (CA) and Hardware Security Modules (HSM) of an industry Public Key Infrastructure (PKI) and Key Management team
  • Analyze, plan, co-ordinate significant infrastructure updates and product upgrades with support teams.
  • Coordinate testing of changes / additions to the PKI infrastructure.
  • Document, recommend and review PKI related projects
  • Supporting engineering activities, as identified, and facilitating the transition of engineering products into the operational environment
  • Answering technical and procedural questions for less experienced team members
  • Contribute to the Identity & Access Management strategy & architecture
  • Create a standard set of requirements, technical designs, recommended configurations and drawings necessary to design, implement and deploy our current and future state security capabilities.
  • Develop and execute various tests and procedures on a variety of security equipment to ensure that security systems are operating as designed.
  • The role requires active participation in security incident response and investigations when called upon, as well as requiring 3rd level operational support for production security solutions.
  • Contribute to enterprise-wide risk mitigation programs, processes and technologies
  • Cooperates with global IT teams and business stakeholders to assure tools are deployed with appropriate levels of protection to minimize business impact while providing effective security risk mitigation
  • Actively stay on top emerging cyber threats, trends and technologies.
  • Develops and improves process of security development practices
  • Utilizes knowledge of security testing tools, practices, and validation methodologies
  • Ensures end to end security of products through hands on testing, threat modeling, administering technical direction to software development teams, remediating risks upfront, and championing secure
  • implementation efforts

  • Collaborates with product development teams to manage software security risks aligned with business goals
  • Provides troubleshooting approaches and mitigations to quickly resolve platform issues and ensures application
  • robustness and security

  • Improves and automates secure coding practices, application security requirements, training, and metrics
  • Qualifications

  • Minimum of 5 years of relevant work experience in an IT security position with a demonstrated record of customer focus
  • General understanding of cryptographic concepts
  • o Cryptography basics (algorithms)

    o Cryptographic services and protocols (strong authentication, encryption, digital signature, time-stamping protocol)

  • Strong knowledge of PKI concepts, patterns and practices
  • o X.509 PKI architecture (CA, RA, VA )

    o PKI policies (CP / CPS, key ceremonies)

    o PKI standards (X.509 and CVC certificates, PKCS, PKIX, CRL, OCSP, CMP)

  • Working knowledge of Microsoft Certificate Services and Active Directory
  • Experience with certificate-enabled technologies, software and tools, such as SSL / TLS, S / MIME, Authentication, 802.
  • 1X, Code Signing, OpenSSL, Microsoft CryptoAPI, Java Keystore

  • Experience with hardware administration, such as HSM, Smartcards and USB tokens
  • Scripting skills with PowerShell
  • Knowledge of TCP / IP and network protocols
  • Your role at MSD is integral to helping the world meet new breakthroughs that affect generations to come, and we’re counting on your skills and inventiveness to help make meaningful contributions to global medical advancement.

    At MSD, we’re inventing for life.

    Přidat do oblíbených
    Odebrat z oblíbenýcch
    Můj e-mail
    Kliknutím na "Pokračovat", souhlasíte s tím, že neuvoo sbírá a zpracovává vaše osobní údaje, které jste poskytli v tomto formuláři, aby vytvořili neuvoo účet a přihlásili vás k odběru emailových upozornění v souladu s naší Ochranou Osobních Údajů . Váš souhlas můžete vzít kdekoliv zpět, následováním těchto kroků .