Cloud Architect

Job Description

• You will partner with our technology stakeholders across Merck to identify opportunities to enable DevOps transformation for internal stakeholders.
• Partner with leaders from across the business to translate the companys business objectives, market opportunities & portfolio of offerings into a formal, cohesive global DevOps strategy.
• Engage with the different stakeholders to define a SecDevOps adoption plan with short/medium/long-term goals and develop the business case for change
• Design SecDevOps reference architecture and blueprints to implement continuous exploration, continuous integration, continuous deployment, continuous testing, continuous monitoring, and release automation solutions across different products/applications/technologies/domains.
• Define the Target Operating Model for Enterprise SecDevOps adoption and focuses on business processes to evaluate and translate functional requirements into technical requirements
• Work with the various teams to understand their SecDevOps needs, and identify best practices and tools relevant to the products and technologies involved. Provide technical leadership and guidance w.r.t. SecDevOps adoption
• Advise product leadership and teams on how to translate current engineering, infrastructure, and automation requirements into executable SecDevOps technology solutions
• Conduct maturity assessment to improve engineering excellence
• Implement and maintain SecDevOps toolchains for both centralized and federated DevOps.
• Coach the team to ensure adoption. Coaches engineering teams on the new Ways of Working to improve Route to Live. Conduct training workshops on CI-CD/DevOps and related roles to clients, internal team and other stakeholders
• Make sure that the SecDevOps process is in adherence with the Merck SOP s
Qualifications
• Experience in leading the enterprise DevOps strategy and background experience as a Functional/Business Architect in a leading consulting organization is highly preferable.
• Bachelor s in Computer Science/ MBA or equivalent practical experience.
• Minimum of 8 years of experience in progressively responsible information technology including at least 2+ years experience with DevOps in managing the security aspect of cloud deployments.
• Ensure that the SecDevOps community is active in the adoption of the latest trends by engaging with a broader community across the organization.
• Develop process maps, flow charts, and processes as and when required to establish, modify, or clarify a process for deliverables as needed and should play a pivotal role in maintaining documentation following the best practices.
• Contribute to the successful plan and execution of the deployment of the project or system changes, which includes support for training, business adoption, implementation, and stabilization activities
• Hands-on expertise in building business cases and value-driver-based justification creation.
• Have very high proficiency in customer communications and be an excellent presenter in English (German language a plus)
• Knowledge in the administration of Jenkins, MS DevOps Server, Gitlab, and other CI/CD solutions.
• Knowledge of Secure coding practices, Network security, SSL/TLS, Encryption, Key Management, and SIEM deployment.
• Experience setting up CI/CD pipelines (Infrastructure as code) and Docker, Kubernetes hands-on.
• Hands-on experience with automated security (static and dynamic) scanning.
• Proficiency in Linux OS and the experience with at least one of the following development environments/languages: Java / J2EE, Python, JavaScript, C#, c/C++
• Self-organized with strong task management skills and experience with working in an agile scrum-based culture is an advantage.
• Analytical, organized, team player, relishes working in a multicultural, multi-national business context.
• Strong delivery mindset, customer focus, commitment to results, and high-quality standards.
• Experience in healthcare, pharmaceutical, or consulting.
• Working in a heterogeneous global enterprise-level environment.
Good to Have Skills:
• Experience with IAM (Open Identity Connect, LDAP.).
• Experience with SIEM (Security Information and Event Management) solutions.
• Hands-on experience with Incident Response and Log Analysis.
• Solid knowledge of industry standards and frameworks (ISO27002, PCI Compliance, NIST/DISA);
• Advanced knowledge of SAST, DAST, MAST, Pen testing, Threat Modelling, and API testing
• Experience in Open source projects from the Cloud-native computing foundation, and canary deployments.
• Security Certification (CISSP, CSSLP, CISSP-ISSAP, AWS Certified Associate Architect, Azure Certified Architect, CISM, CRISC, CDE, CDP, DSOE, CEH, CREST, OSCP)
,

Keyskills :
awslinuxtroubleshootingunixadobe streamlinebusiness casesecure coding