Hiring] Senior DevOps Engineer @The businesses of Merck KGaA, Darmstadt, Germany

Acis


Senior Security Engineer
Acis • via Instahyre
Full–time
No Degree Mentioned
Apply on Instahyre
Job description
We are seeking a Senior Security Engineer with expertise in networking, secure communication applications, and devices. The ideal candidate has hands-on experience in the security assessments of thick client applications, mobile applications, Windows, macOS, iOS, Android, and embedded Linux systems. In this role, you will conduct threat modeling, security assessments, vulnerability assessments, and penetration testing of communication systems, working closely with architecture and development teams to ensure the security of the end product. Hands-on expertise with secure protocols, encryption, platform security, and embedded systems will be utilized daily to perform security design reviews, threat modeling, and testing for network encryptors, secure communication devices, and associated applications. This role involves performing security validation using SAST, SCA, DAST, and fuzzing techniques to identify vulnerabilities in both hardware and software implementations.

Responsibilities:
• Conduct architecture security reviews and threat modeling for secure communication solutions, like network encryptors or phones.
• Perform security testing of various secure communication solutions.
• Perform security assessments of low-level components, like the MCU or firmware.
• Ensure that software dependencies are up-to-date and that vulnerabilities are reported promptly.
• Execute protocol and binary fuzzing to uncover vulnerabilities in custom or proprietary implementations.
• Utilize SAST, SCA, and DAST tools to integrate security into the entire SSDLC.
• Work closely with development teams to embed secure coding practices and security automation.
• Assess and review cryptographic implementations for weaknesses or deviations from standards.

Requirements:
• Understanding of Rust, C, Go, and Python code.
• Hands-on experience with network security, including protocol analysis, packet inspection, and secure communications.
• Expertise in mobile security tools such as Frida, Hopper, IDA Pro, Ghidra, and other reverse engineering techniques for mobile applications.
• In-depth knowledge of containerization technologies (Docker, Kubernetes) and cloud-native security best practices.
• Proficiency in fuzzing techniques for network protocols and binaries.
• Deep understanding of secure design principles, SSDLC methodologies, and security testing processes.
• Strong analytical skills with the ability to document findings and recommendations in a structured manner.
• Experience in organizations with mature security processes and structured workflows.
• Proven experience with security assessments, penetration testing, and vulnerability management across multiple platforms.
• Experience in security assessments of cryptographic protocols and implementations.
• Knowledge of secure communication devices, HSMs, and encryption modules.
• Strong understanding of secure communication protocols (TLS, IPsec, etc. ).
• Familiarity with security compliance frameworks and industry standards (e. g., NIST, ISO 2700,1 Common Criteria, FIPS 140-2/3).
• Prior exposure to security in embedded systems or hardware-based cryptography.
• Experience with SAST, SCA, and DAST tools (e. g., Coverity, BlackDuck, Burp).
• Deep understanding of secure design principles, SSDLC methodologies, and security testing processes.
• Strong analytical skills with the ability to document findings and recommendations in a structured manner.
• Experience in organizations with mature security processes and structured workflows.
• Experience securing mobile operating systems and mobile device management (MDM) solutions.
• Experience securing cloud platforms such as AWS, GCP, or Azure, and familiarity with securing cloud-native communication applications.
Report this listing
More jobs at Acis
See web results for Acis

The businesses of Merck KGaA, Darmstadt, Germany


[Hiring] Senior DevOps Engineer @The businesses of Merck KGaA, Darmstadt, Germany
The businesses of Merck KGaA, Darmstadt, Germany • via Remotive
3 days ago
Full–time
No Degree Mentioned
Apply on Remotive
Job description
Work Your Magic with us!

Ready to explore, break barriers, and discover more? We know you’ve got big plans – so do we! Our colleagues across the globe love innovating with science and technology to enrich people’s lives with our solutions in Healthcare, Life Science, and Electronics. Together, we dream big and are passionate about caring for our rich mix of people, customers, patients, and planet. That's why we are always looking for curious minds that see themselves imagining the unimaginable with us.

United As One for Patients, our purpose in Healthcare is to help create, improve and prolong lives. We develop medicines, intelligent devices and innovative technologies in therapeutic areas such as Oncology, Neurology and Fertility. Our teams work together across 6 continents with passion and relentless curiosity in order to help patients at every stage of life. Joining our Healthcare team is becoming part of a diverse, inclusive and flexible working culture, presenting great opportunities for personal development and career advancement across the globe.

Your Role:

As a Senior IT Systems & DevOps Engineer, you will be responsible for IT systems, incident, change, and release management. You will ensure the seamless deployment of new releases, maintaining system stability, security, and compliance in a regulated environment. You will collaborate with cross-functional teams, manage stakeholder communications, and drive automation and optimization across cloud-based platforms supporting drug discovery and development.

Key Responsibilities:
• Oversee incident, change, and release management for IT systems, ensuring compliance with regulatory standards.
• Manage Azure AD for identity and access management, including authentication flows for internal and third-party services.
• Implement and advocate DevOps best practices, including CI/CD, automation, and observability across platforms.
• Collaborate with cross-functional teams to influence architectural decisions and align infrastructure with business goals.
• Ensure compliance and security within a regulated (GxP) environment, implementing RBAC, secrets management, and monitoring frameworks.
• Design, develop, test, and document business requirements related to IT systems and infrastructure.
• Coordinate and perform system management tasks, ensuring alignment with quality and compliance standards.
• Autonomous review and clarification of business requirements, creation of technical designs, and stakeholder alignment.
• Manage and optimize cloud infrastructure (AWS & Azure), including cost management and performance tuning.
• Deploy and manage containerized applications using Docker, Kubernetes, Helm, and ArgoCD (GitOps).
• Implement Infrastructure as Code (IaC) using Terraform and AWS CloudFormation.
• Automate workflow and integration using Python and configuration management tools like Ansible.
• Ensure observability, including logging, monitoring, and tracing with tools like Prometheus, Grafana, ELK Stack, and AWS-native solutions.
• Participate in compliance activities, including audits, patch management, and cybersecurity initiatives.
• Provide technical guidance and support for IT systems, assisting users and resolving incidents efficiently.

Your Skills & Experience:

Must-Have:
• 8+ years of experience in IT systems management, DevOps, cloud infrastructure, and automation.
• Strong expertise in Change, Release, Incident, and Problem Management.
• Hands-on experience with Azure DevOps (project configurations, repositories, pipelines, environments).
• Strong knowledge of AWS services (VPC, IAM, STS, EKS, RDS, EC2, ECS, Route53, CloudWatch, CloudTrail, Secrets Manager, S3, API Gateway, Lambda, MWAA).
• Experience with Linux, Windows servers, and Oracle PLSQL.
• Strong understanding of IT landscapes and a willingness to work on diverse IT systems.
• Hands-on experience with containerization and Kubernetes (Docker, Helm, ArgoCD).
• Proficiency in Python scripting for automation and workflow integration.
• Experience with Infrastructure as Code (IaC) using Terraform and AWS CloudFormation.
• Strong experience in observability, security, and compliance frameworks, including RBAC, secrets management, and monitoring tools.
• Global stakeholder management experience with excellent English communication skills (written & oral).

Good to Have:
• Experience in a regulated industry (GxP, Pharma, Life Sciences).
• Familiarity with Agile ways of working.
• Knowledge of Next.js, Storybook, Tailwind, TypeScript for front-end development.
• Experience with PostgreSQL, OpenSearch/Elasticsearch for data management.
• Familiarity with R and SAS for data analysis and statistical modeling.
• Understanding of AWS billing practices and cost optimization tools.

Why Join Us?
• Work in a high-impact role contributing to cutting-edge R&D in drug discovery and development.
• Be part of a multicultural, agile team with high autonomy in decision-making.
• Exposure to a diverse tech stack combining Azure, AWS, Kubernetes, Python, and CI/CD tools.
• Opportunities for career growth and skill development in cloud computing, security, and automation.
• Work in a collaborative and innovative environment with global teams in the US, Europe, and India.

What we offer: We are curious minds that come from a broad range of backgrounds, perspectives, and life experiences. We believe that this variety drives excellence and innovation, strengthening our ability to lead in science and technology. We are committed to creating access and opportunities for all to develop and grow at your own pace. Join us in building a culture of inclusion and belonging that impacts millions and empowers everyone to work their magic and champion human progress!

Apply now and become a part of a team that is dedicated to Sparking Discovery and Elevating Humanity!

India
Delhi Show on map Get directions