Job Description

Role Overview

This role drives a platform-centric security strategy, ensuring that enterprise applications and AI-enabled systems are built and operated securely at scale. The Associate Director serves as a hands-on leader, translating strategy into production-grade capabilities that reduce risk, enable innovation, and protect enterprise data and intellectual property across modern digital ecosystems.

Key areas of focus include SaaS posture management, PaaS native security, data protection, AI security enablement, and platform-integrated controls, with an emphasis on prevention-first architectures and automation.

This position leads a team of engineers and collaborates closely with Cloud, Data, AI, Product Teams, and Enterprise stakeholders.

Key Responsibilities

• Lead and develop a high-performing team responsible for security across strategic platforms, including AI systems, SaaS applications, and PaaS/cloud-native environments.

• Define and execute the security strategy for enterprise platforms, aligning with business priorities and risk reduction objectives.

• Establish and scale SaaS security capabilities, such as SaaS Security Posture Management (SSPM), data governance, and third-party platform risk controls.

• Lead PaaS and cloud-native security engineering for enterprise platforms such as SAP, Databricks, and similar strategic services.

• Design, implement, and operate security controls embedded within AI, SaaS, and PaaS platforms, including identity, data protection, and runtime protections.

• Drive AI security realization, including model security management, prompt hardening, secure usage patterns, and governance of AI services (e.g., LLMs, copilots, agents).

• Integrate data protection into platform architectures, ensuring consistent enforcement across AI, SaaS, and PaaS ecosystems.

• Define and operationalize secure platform patterns, including reusable guardrails, and builder-friendly security services.

• Drive automation and engineering-first approaches to reduce manual controls and improve scalability of protection across thousands of applications and services.

• Partner with Legal, Privacy, Risk, and Compliance teams to ensure alignment with regulatory and data governance requirements.

• Influence enterprise architecture and security standards, contributing to long-term strategic roadmaps.

• Serve as a technical thought leader and executive-facing communicator on platform security, AI risk, and cloud security posture.

Required Experience

• Bachelor's degree in computer science, cybersecurity, engineering, or a related field.

• 10+ years of experience in SaaS architecture and delivery or cybersecurity, with strong depth in cloud, platform, application, or AI security.

• Proven experience leading engineering teams and delivering enterprise-scale platform capabilities.

• Hands-on expertise in SaaS, PaaS/cloud-native, and distributed system architectures.

• Experience designing and implementing security controls within modern platforms (identity, data protection, API security, workload protection).

• Strong understanding of AI/ML security risks, including data leakage, model misuse, prompt injection, and governance controls.

• Experience with public cloud security (AWS, Azure, GCP).

• Proven ability to lead cross-functional initiatives across engineering, security, legal, and business teams.

• Experience operating in large, complex enterprise environments with global scope.

Preferred Skills

• Deep expertise in AI security frameworks and controls, including LLM security, model governance, and responsible AI practices.

• Experience with SaaS Security Posture Management (SSPM) and CASB/SSE platforms (e.g., Zscaler, Netskope, Microsoft Defender for Cloud Apps).

• Experience with API security, service mesh, and zero-trust architectures.

• Familiarity with policy-as-code and automation frameworks.

• Knowledge of OWASP Top 10, API Top 10, and modern threat models for cloud and AI systems.

• Strong ability to translate technical risk into business impact for executive audiences.

• Experience managing vendor strategy, product selection, and platform investments.

• Financial acumen, including budget ownership and cost optimization for platform security tooling.

Education and Certifications

• Relevant certifications such as CISSP, CCSP, AWS/Azure Security, or AI/ML security certifications are preferred.

Required Skills:

Preferred Skills:

Current Employees apply HERE

Current Contingent Workers apply HERE

US and Puerto Rico Residents Only:

Our company is committed to inclusion, ensuring that candidates can engage in a hiring process that exhibits their true capabilities. Please click here if you need an accommodation during the application or hiring process.

As an Equal Employment Opportunity Employer, we provide equal opportunities to all employees and applicants for employment and prohibit discrimination on the basis of race, color, age, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or other applicable legally protected characteristics.As a federal contractor, we comply with all affirmative action requirements for protected veterans and individuals with disabilities. For more information about personal rights under the U.S. Equal Opportunity Employment laws, visit:

EEOC Know Your Rights

EEOC GINA Supplement

We are proud to be a company that embraces the value of bringing together, talented, and committed people with diverse experiences, perspectives, skills and backgrounds. The fastest way to breakthrough innovation is when people with diverse ideas, broad experiences, backgrounds, and skills come together in an inclusive environment. We encourage our colleagues to respectfully challenge one another's thinking and approach problems collectively.

Learn more about your rights, including under California, Colorado and other US State Acts

The salary range for this role is

This is the lowest to highest salary we in good faith believe we would pay for this role at the time of this posting. An employee's position within the salary range will be based on several factors including, but not limited to relevant education, qualifications, certifications, experience, skills, geographic location, government requirements, and business or organizational needs.

The successful candidate will be eligible for annual bonus and long-term incentive, if applicable.

We offer a comprehensive package of benefits. Available benefits include medical, dental, vision healthcare and other insurance benefits (for employee and family), retirement benefits, including 401(k), paid holidays, vacation, and compassionate and sick days. More information about benefits is available at https://jobs.merck.com/us/en/compensation-and-benefits.

You can apply for this role through https://jobs.merck.com/us/en (or via the Workday Jobs Hub if you are a current employee). The application deadline for this position is stated on this posting.

San Francisco Residents Only:We will consider qualified applicants with arrest and conviction records for employment in compliance with the San Francisco Fair Chance Ordinance

Los Angeles Residents Only:We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance

Search Firm Representatives Please Read Carefully
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.

Employee Status:

Relocation:

VISA Sponsorship:

Travel Requirements:

Flexible Work Arrangements:

Shift:

Valid Driving License:

Hazardous Material(s):

Job Posting End Date:

*A job posting is effective until 11:59:59PM on the day BEFOREthe listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.

Requisition ID:R401952