Data
Loss Prevention Analyst-COM000462
Description
Merck & Co., Inc. Kenilworth, N.J.,
U.S.A. known as Merck in the United States and Canada, is a global health care
leader with a diversified portfolio of prescription medicines, vaccines and
animal health products. Today, we are building a new kind of healthcare company
– one that is ready to help create a healthier future for all of us.
Our ability to excel depends on the
integrity, knowledge, imagination, skill, diversity and teamwork of an
individual like you. To this end, we strive to create an environment of
mutual respect, encouragement and teamwork. As part of our global team,
you’ll have the opportunity to collaborate with talented and dedicated
colleagues while developing and expanding your career.
As a key member of the Information
Technology Risk Management and Security (ITRM&S) organization, the
incumbent will be act as a member of the Data Loss Prevention team, and be
responsible for managing and remediating instances of data leakage and other
cyber security incidents related to data loss prevention that occur on Merck’s
global network and global computing assets. The incumbent will also participate
in sensitive information protection activities. As part of these duties, the
incumbent will be expected to manage data loss prevention (DLP) incidents to
the point of remediation and clearly communicate any remediation activities and
status to colleagues and/or senior management. As a member of the Data Loss
Prevention team this role requires the incumbent to be part of a global
Intellectual Property and Sensitive Information Protection Program.
The incumbent will work with our Global Security Group, Legal, and other business units as appropriate based upon corporate policy to respond to DLP incidents and take the appropriate response actions. The incumbent will create, modify and review various reports and dashboards from our various reporting tools. The incumbent will also be responsible for analyzing DLP related security incidents that are generated from other tools such as Merck’s Big Data platform. The incumbent will maintain DLP Policies/Rules and associated events which support compliance to Merck’s corporate policies. The incumbent will also help maintain/troubleshoot issues with the DLP security infrastructure. The incumbent will also be an active participant in weekly DLP management meetings reporting on security incidents that have occurred.
The DLP security solutions that the
incumbent will be working on support Merck’s current and future state
capabilities for achieving desired levels of information protection,
confidentiality, integrity and availability of services. The incumbent will be
responsible for end-to-end problem and service management, and clear
communication of ongoing problem status to colleagues and management. The
incumbent will make recommendations to strengthen the security posture of our
computing environment as well as recommend process and technology improvements
to ensure timely response to future DLP security incidents.
The incumbent will be required to maintain up-to-date data protection industry awareness and trends, and be able to understand how emerging threats may potentially impact the organization. The role also requires active and ongoing collaboration with many other Merck organizations and departments acting in a consultative capacity promoting information security awareness and compliance to corporate policies.
Primary Responsibilities are included but not limited to:
·
Investigate
incidents generated from our Data Loss Prevention Tools. Using log management tools,
packet captures reports, data visualization, and pattern analysis.
·
Analyze,
escalate, and assist in remediation of critical information security incidents
related to data loss prevention.
·
Improve
and challenge existing processes and procedures in a very agile and fast moving
information security environment.
·
Security
analysts should have knowledge of:
o
Information
security policies and best practices
o
Data
Loss Prevention Tools (including network, endpoint, and cloud based DLP tools)
o The current IT Data
Protection landscape and upcoming trends in security
Qualifications
Education Requirement:
Bachelor's Degree in Computer Science or equivalent.
Required Experience and Skills:
Excellent analytical and communication skills are essential for this role, as
well as passion for problem solving, a desire to learn, and the ability to work
in a team environment. Demonstrated skills working with various IT
technologies and services. Proven record of successfully managing incidents
to resolution, and the ability to trace a problem to root cause. The
candidate must be able to adapt and rapidly learn new technologies and must
have some background in an information security related discipline.
o
System
administration on Windows, Unix or Linux
o
Data
Loss Prevention Tools experience
o
Investigating
security incidents, Tier-2 support
o
Various
general technical skills including knowledge of networking (i.e. TCP/IP) and
security product experience
o
Willingness
to acquire in-depth knowledge of network and host security technologies and
products.
o
Demonstrated
ability to work in a team environment.
o
Strong
written and verbal communication skills.
Preferred Experience and Skills:
·
Prior
experience as a data loss prevention analyst.
·
Ability
to build strong relationships with business and technology stakeholders,
self-motivation, personal drive and high energy are highly valuable for this
position.
·
Experience
or familiarity with Data Loss Prevention solutions for network, endpoint and cloud
solutions.
·
Experience
or familiarity with content monitoring and user activity monitoring
solutions.
·
Experience
or familiarity with Security Information and Event Management (SIEM) solutions.
·
Experience
or familiarity with User Behavior Analytics (UBA) solutions.
·
Knowledge
of other information security related products is a plus.
·
CISSP
or similar Information security industry certification is a plus.
(US/Puerto Rico Only) In accordance with
Managers' Policy - Job Posting and Employee Placement, all employees subject
to this policy are required to have a minimum of twelve (12) months of service
in current position prior to applying for open positions.
If you have been offered a separation
benefits package, but have not yet reached your separation date and are offered
a position within the salary and geographical parameters as set forth in the
Summary Plan Description (SPD) of your separation package, then you are no
longer eligible for your separation benefits package. If you have any
questions, please contact your HRBP or Staffing Consultant.
Job Posting: Jan 3, 2017, 1:29:10 PM
Unposting Date: Jan 17, 2017, 11:59:00 PM
Job: Compliance & Risk Management
Job Title: Spclst,
Compliance & Risk Management
Primary Location: NA-US-PA-West Point
Other Locations: NA-US-NJ-Branchburg
Schedule: Full-time
Employee Status: Regular
Travel: Yes, 10 % of the Time
Number of Openings: 1
Hiring Manager: Francis M Delman
Band: 300 Pathway
Level: P2 :
Titer
Requirements: No Hazardous
Materials: No
FLSA: Exempt
Relocation
Provided: None
Shift (if
applicable): 1st
Company
Trade Name:Merck
Maia L.
Green, Ph.D.
Principal
Scientist
Developmental
and Reproductive Toxicology
T: +1 215 652
6892
C: +1 484 554
3127
No comments:
Post a Comment