Head of EL Cyber Governance, Compliance & Enablement

at  Merck Group

Work Your Magic with us!
Ready to explore, break barriers, and discover more? We know you’ve got big plans – so do we! Our colleagues across the globe love innovating with science and technology to enrich people’s lives with our solutions in Healthcare, Life Science, and Electronics. Together, we dream big and are passionate about caring for our rich mix of people, customers, patients, and planet. That’s why we are always looking for curious minds that see themselves imagining the unimaginable with us.
Everything we do in Electronics is to help us deliver on our purpose of being the company behind the companies, advancing digital living. We are dedicated to being the trusted supplier of high-tech materials, services and specialty chemicals for the electronics, automotive and cosmetics industries. We foster a global collaborative organization made up of individuals who have the passion to win, obsess about the customer, are relentlessly curious and act with urgency. Together, we push the boundaries of science to make more possible for our customers.

As the Head of Cyber Security Governance, assurance, and risk management, play a pivotal role within the Electronics (EL) cyber security team, reporting directly to the EL CISO.
Your responsibilities include tailoring corporate cyber security structures to EL’s needs, supporting on an operational level, and ensuring constant alignment with Merck corporate cyber security. Your role is crucial in protecting Merck EL information assets and maintaining a robust cyber security posture. Key Responsibilities: Develop and enhance risk management, compliance, and governance frameworks, aligning with industry best practices and regulatory requirements, Lead teams in developing and maintaining cyber security procedures, standards, and risk management frameworks, including third-party security risks, Ensure compliance with legal, regulatory, and industry requirements (e.g., GDPR, ISO 27001, NIST CSF, IEC62443), Implement a comprehensive cyber security training and awareness program, Develop KPI frameworks, dashboards, and reports, Provide strategic guidance for advanced IT/OT and cyber risk management practices, Collaborate with Merck EL CISO, corporate cyber security, and Regional and Site Cyber Security Managers, Oversee risk mitigation efforts, including third-party alignment with defined risk appetite, Evaluate third-party vendors’ security posture, Measure and adjust awareness program effectiveness, Present risk-related reports to senior leadership.