AI & SaaS Product Security Engineer

Job Description

Role Overview

Join our Strategic Platforms Security & AI Security team a function at the intersection of AI security initiatives cloud-native product security and enterprise SaaS security. We protect the platforms that run global drug development from AI-powered research tools to enterprise SaaS systems used by thousands of scientists worldwide. As a Specialist youll be a hands-on practitioner driving security assessments AI risk controls implementation and technical security programs that protect critical platforms across the global footprint of our company. You will work closely with platform owners and senior security leadership to assess and mature security posture across a complex portfolio of SaaS and AI systems.

What will you do in this role:

• Own end-to-end security assessments for enterprise SaaS platform from IAM misconfigurations to API exposure

• Collaborate with product teams to enforce SaaS application security best practices conduct reviews perform scans and assist in threat modelling to identify and mitigate security risks throughout the development lifecycle.
• Be on the front line of AI security: design guardrails hunt for prompt injection attacks and build controls that didnt exist a year ago
• Operate security tooling including AI Guardrails and AI DLP tools
• Maintain and monitor security tools and dashboards ensuring that applications deployed in our environments adhere to organizational security standards and compliance requirements.
• Create and document security patterns for SaaS and AI Systems.

What should you have:

• 3 years of experience in cybersecurity IT or a closely related field - internships count
• Solid grounding in application or cloud security; hands-on experience with real enterprise environments
• Experience working with enterprise SaaS platforms and their security configurations
• Ability to communicate risk clearly - you can explain a complex finding to an engineer and to a business leader and know the difference
• Genuine curiosity about AI and generative AI security. Youve read about prompt injection jailbreaks or model supply chain risks and found yourself wanting to go deeper
• Scripting or automation experience in Python Bash or PowerShell - you reach for code when repetitive tasks get in the way
• Familiarity with cloud environments (AWS Azure or GCP) and cloud-native security concepts
• Experience with security tools in the ASM CASB SAST/DAST or DLP space is nice to have
• You take ownership of your work and follow through
• Innovative thinking experimental mindset and fast learner

What we offer

• Exciting work in a great team global projects international environment
• Opportunity to learn and grow professionally within the company globally
• Hybrid working model flexible role pattern
• Competitive salary & incentive pay
• Pension and health insurance contributions
• Internal reward system and referral scheme
• 5 weeks annual leave5sick days15days of certified sick leave paid above statutory requirements annually40 paid hours annually for volunteering activities12weeks of parental contribution
• Cafeteria for tax free benefits according to your choice (meal vouchers sport culture health travel etc.) Multisport Card
• Vodafone Raiffeisen Bank Foodora and discount programmes
• Up-to-date laptop and iPhone
• Parking in the garage showers refreshments massage chairs library music corner

Ready to take up the challenge Apply now!

Know anybody who might be interested Refer this job!

Required Skills:

Preferred Skills:

Current Employees apply HERE

Current Contingent Workers apply HERE

Search Firm Representatives Please Read Carefully
Merck & Co. Inc. Rahway NJ USA also known as Merck Sharp & Dohme LLC Rahway NJ USA does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place introductions are position specific. Please no phone calls or emails.

Employee Status:

Relocation:

VISA Sponsorship:

Travel Requirements:

Flexible Work Arrangements:

Shift:

Valid Driving License:

Hazardous Material(s):

Job Posting End Date:

*A job posting is effective until 11:59:59PM on the day BEFOREthe listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.