Senior Engineer, DevSecOps

Job Description

New Hires based in the US & Puerto Rico will be required to demonstrate that they have been fully vaccinated for Covid-19 or qualify for a medical or religious exemption or accommodation to this vaccination requirement, subject to applicable law.

Our IT team operates as a business partner proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver the services and solutions that help everyone to be more productive and enable innovation.

Reporting directly to the Director of Application Security is responsible for leading team tasked with ensuring the development of security capabilities to protect our companies applications. The position is responsible for collaborating across IT organizations to facilitate the design, development, engineering and deployment of security controls used to protect software.

You will:

  • Lead a team of security engineers to Improve the security posture of our enterprise DevOps practice for enterprise and cloud environment.
  • Design, create and support security tests in CI/CD pipelines, such as SAST, DAST, SCA, container scanning, API scanning, etc.
  • Design and implement tools to secure build/release pipelines for cloud native services.
  • Responsible for the security of the software development lifecycle using CI/CD.
  • Develop code for collecting and injecting data from security vendors API’s.
  • Identify, evaluate, and conduct proof-of-concepts for new technologies, enabling secure development of core architectural components.
  • Collaborate cross functionally to make design/strategy decisions and advocate for security improvements.
  • Promoting the DevSecOps and Agile mindset across technology functions.
  • Focused with automation and passionate about creating best in class security process and tooling for our developer.

Education Minimum Requirement:

Bachelor’s Degree is required. Concentration in one of the following fields preferred:

  • Cyber security
  • Computer Science
  • Engineering
  • Management/Computer Information Systems
  • Information Assurance

Required Experience and Skills:

  • 7+ years’ experience in an information technology field with at least 2 in the information security or risk management area.
  • Possess 2-3 years of technical team or direct staff management.
  • Experience with one or more cloud and container platforms such as AWS, Azure, Kubernetes, and Pivotal Cloud Foundry.
  • Experience with developing secure solutions through identifying effective security requirements and secure design principles that support security, scalability, and efficiency in operation.
  • Strong understanding and experience with infrastructure as code tools and platforms, such as Cloud Formation templates and Ansible .
  • Excellent and professional written and verbal communication skills.
  • Experience with cloud security design, implementation, and monitoring.
  • Strong interpersonal communications skills and worked in agile.

Preferred Experience and Skills:
Prior experience with security engineering and application security technologies and processes.

  • Demonstrated knowledge of application security including:
    • Application security controls as part of software development life cycle
    • Software security best practices in test and operate environment
    • Mitigating the Common Vulnerabilities (OWASP Top 10)
    • Incident and vulnerability management
    • Experience with securely implementing and managing secrets and cryptography according to industry best practices.
  • Ability to motivate, mentor and develop talent both technically and interpersonal skills.
  • Highly responsive with an ability to handle escalations quickly and professionally.
  • Ability to work both independently and perform as a leader in a team environment.
  • Ability to collaboratively and independently create, communicate and implement strategies.

Our Support Functions deliver services and make recommendations about ways to enhance our workplace and the culture of our organization. Our Support Functions include HR, Finance, Information Technology, Legal, Procurement, Administration, Facilities and Security.

Who we are …

We are known as Merck & Co., Inc., Kenilworth, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world’s most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world.

What we look for …

Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today.


In accordance with Managers’ Policy – Job Posting and Employee Placement, all employees subject to this policy are required to have a minimum of twelve (12) months of service in current position prior to applying for open positions.

If you have been offered a separation benefits package, but have not yet reached your separation date and are offered a position within the salary and geographical parameters as set forth in the Summary Plan Description (SPD) of your separation package, then you are no longer eligible for your separation benefits package. To discuss in more detail, please contact your HRBP or Talent Acquisition Advisor.

Current Employees apply HERE

Current Contingent Workers apply HERE

US and Puerto Rico Residents Only:

Our company is committed to inclusion, ensuring that candidates can engage in a hiring process that exhibits their true capabilities. Please click here if you need an accommodation during the application or hiring process.

For more information about personal rights under Equal Employment Opportunity, visit:

EEOC Poster

EEOC GINA Supplement

OFCCP EEO Supplement

Pay Transparency Nondiscrimination

We are proud to be a company that embraces the value of bringing diverse, talented, and committed people together. The fastest way to breakthrough innovation is when diverse ideas come together in an inclusive environment. We encourage our colleagues to respectfully challenge one another’s thinking and approach problems collectively. We are an equal opportunity employer, committed to fostering an inclusive and diverse workplace.

Search Firm Representatives Please Read Carefully 
Merck & Co., Inc., Kenilworth, NJ, USA, also known as Merck Sharp & Dohme Corp., Kenilworth, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.

Employee Status:



No relocation

VISA Sponsorship:


Travel Requirements:


Flexible Work Arrangements:

Remote Work


Valid Driving License:

Hazardous Material(s):

Number of Openings:


Requisition ID:R150882

More Information

Apply for this job

Leave your thoughts

Share this job