Application Security Expert

Job Description

Our Company is where we transform vision into reality. It's where ideas become technologies, and cutting-edge technologies become solutions for animal care and management.

We support farmers by providing real-time actionable information to help them manage their herds. It provides pet owners with smart devices and data that give them a better understanding of their pets’ activity and health needs, enriching relationships. It helps conservationists safeguard natural environments and wildlife.

Leveraging decades of Technological Research & Development experience across many markets, technologies and species, along with development environments and Quality Assurance procedures, we're always inventing new ways to look after the health and well-being of animals. Our decades of experience keep us ahead of the curve by leveraging advanced Technological Solutions from enhancing the precious bond between people and their pets, to advancing animal healthcare and wildlife preservation.

As an Application Security Expert, you will support and product and development teams in application security, including threat modeling and security reviews, assist teams in reproducing, triaging, and addressing application security vulnerabilities, assist in development of security processes and automated tooling that prevents classes of security issues, perform internal and external penetration tests, vulnerability assessments and code reviews and more.

Requirements

• At least 5 years experience in application security
• Comes from a strong application penetration testing background
• In Depth familiarity and ability to explain common security flaws and ways to address them (e.g. OWASP Top 10 at minimum).
• Strong understanding and experience with common security libraries, security controls, and common security flaws.
• Has engineering responsibilities over their cyber domain area technology and services (Application Security, Cloud, Identity and Access Management, Data Protection, Network Segmentation, OT security controls and Vulnerability Detection).
• Provide oversight of managed service resources supporting cyber engineering projects (e.g., implementation, upgrades, enhancements) and is responsible for one or more controls/services and relevant technology, including consulting to development teams.
• Partner with architecture team to conduct architecture reviews and security operations.
• Strong development or scripting experience and skills.
• You’re able to significantly and effectively contribute to the product and its security.
• Good working and current knowledge of at least 4 of the following programming languages
• C#
• C++
• Java
• JavaScript
• Python
• SQL
• .Net
• UML
• Bash
• Ruby
• Strong knowledge of at least 4 of the following communications protocols
• HTTP
• TCP/IP
• UDP
• WebSocket
• MQTT
• Zigbee
• XMPP
• Team Player and self-driven
• Ability to work simultaneously on multiple projects.
  

Advantage

• Be a subject matter expert (SME) of at least 2 technical areas impacting the security of the product.
• Comes from an enterprise/corporate (not start-up) background
• Knowledge of LoRa / LoRaWAN, Cellular communications
• Experience identifying security issues through code review (and able to use GitHub or AzureDevOPS)
• Have good understanding in Cloud and on-premises product types (e.g. hardware and mobile).
  
  

MDAHTL

Current Employees apply HERE

Current Contingent Workers apply HERE

Search Firm Representatives Please Read Carefully

Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.

Employee Status

Regular

Relocation

VISA Sponsorship

Travel Requirements

Flexible Work Arrangements

Hybrid

Shift

Valid Driving License

Hazardous Material(s)

Requisition ID R285317