Key skills
PowerShellVaultEntra IDActive DirectoryIdentity ManagementServiceNowSDLCCI/CDRisk ManagementCloud Security
About this role
Merck is a leading global healthcare company, and they are seeking a dynamic professional to join their IT Risk Management & Security team as a Privileged Access Management (PAM) Engineer. The role focuses on privileged access, secrets management, API security, and related identity security functions to protect the company's critical assets.
Responsibilities:
- Design, implement, and operate enterprise Privileged Access Management (PAM) solutions, including privileged account administration across on-premises and cloud environments
- Serve as a subject matter expert for PAM technologies, contributing to standards, secure patterns, and best practices across applications, infrastructure, and platforms
- Administer, monitor, patch, and support PAM platforms to ensure stability, security, and uninterrupted production operations
- Partner with application, infrastructure, security, and vendor teams to gather requirements, evaluate technologies, remediate gaps, and drive continuous improvement
- Produce and maintain technical documentation, architecture diagrams, and solution designs, including integration with automation, CI/CD pipelines, and third-party systems
Requirements:
- Bachelor's degree required in a related field
- 3+ years delivering PAM solutions in enterprise settings
- Skilled in PAM platforms (e.g., Delinea, CyberArk, BeyondTrust)
- End-to-end design and implementation of PAM services and processes
- Deep understanding of PAM concepts and enterprise deployment across on-prem/hybrid environments platforms
- Strong analytical and independent problem-solving skills
- Effective at managing multiple priorities and adapting to change
- Clear written, verbal, and interpersonal communicator for technical and non-technical audiences
- Experienced working within large, global matrixed organizations
- Experience in large healthcare or regulated environments
- Strong understanding of cybersecurity principles, SDLC, and cloud-native security controls
- Hands-on experience with identity platforms (Active Directory, Entra ID), cloud identity management, and HashiCorp Vault
- Familiarity with ServiceNow for change and incident management, and experience automating tasks using PowerShell
- Knowledge of relevant standards and frameworks (NIST, ITIL)
- Industry-recognized certifications in information, application, or cloud security (e.g., CISSP, Security+)