Associate Director Strategic Platforms

About The Position

Requirements

• Bachelor’s degree in computer science, cybersecurity, engineering, or a related field.
• 10+ years of experience in SaaS architecture and delivery or cybersecurity, with strong depth in cloud, platform, application, or AI security.
• Proven experience leading engineering teams and delivering enterprise-scale platform capabilities.
• Hands-on expertise in SaaS, PaaS/cloud-native, and distributed system architectures.
• Experience designing and implementing security controls within modern platforms (identity, data protection, API security, workload protection).
• Strong understanding of AI/ML security risks, including data leakage, model misuse, prompt injection, and governance controls.
• Experience with public cloud security (AWS, Azure, GCP).
• Proven ability to lead cross-functional initiatives across engineering, security, legal, and business teams.
• Experience operating in large, complex enterprise environments with global scope.
• Application Security
• Budget Management
• Certificate Services
• Cloud Security
• Coaching and Development
• Customer-Focused
• Cybersecurity Analytics
• Cybersecurity Operations
• Information Security
• Operational Technology (OT) Security
• Persuasion
• Zero Trust Identity

Nice To Haves

• Deep expertise in AI security frameworks and controls, including LLM security, model governance, and responsible AI practices.
• Experience with SaaS Security Posture Management (SSPM) and CASB/SSE platforms (e.g., Zscaler, Netskope, Microsoft Defender for Cloud Apps).
• Experience with API security, service mesh, and zero-trust architectures.
• Familiarity with policy-as-code and automation frameworks.
• Knowledge of OWASP Top 10, API Top 10, and modern threat models for cloud and AI systems.
• Strong ability to translate technical risk into business impact for executive audiences.
• Experience managing vendor strategy, product selection, and platform investments.
• Financial acumen, including budget ownership and cost optimization for platform security tooling.
• Relevant certifications such as CISSP, CCSP, AWS/Azure Security, or AI/ML security certifications are preferred.
• Current Employees apply HERE
• Current Contingent Workers apply HERE
• US and Puerto Rico Residents Only: Our company is committed to inclusion, ensuring that candidates can engage in a hiring process that exhibits their true capabilities. Please click here if you need an accommodation during the application or hiring process.
• As an Equal Employment Opportunity Employer, we provide equal opportunities to all employees and applicants for employment and prohibit discrimination on the basis of race, color, age, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or other applicable legally protected characteristics.
• As a federal contractor, we comply with all affirmative action requirements for protected veterans and individuals with disabilities.
• For more information about personal rights under the U.S. Equal Employment Opportunity laws, visit: EEOC Know Your Rights EEOC GINA Supplement
• We are proud to be a company that embraces the value of bringing together, talented, and committed people with diverse experiences, perspectives, skills and backgrounds. The fastest way to breakthrough innovation is when people with diverse ideas, broad experiences, backgrounds, and skills come together in an inclusive environment. We encourage our colleagues to respectfully challenge one another’s thinking and approach problems collectively. Learn more about your rights, including under California, Colorado and other US State Acts
• San Francisco Residents Only: We will consider qualified applicants with arrest and conviction records for employment in compliance with the San Francisco Fair Chance Ordinance
• Los Angeles Residents Only: We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance
• Search Firm Representatives Please Read Carefully Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.

Responsibilities

• Lead and develop a high-performing team responsible for security across strategic platforms, including AI systems, SaaS applications, and PaaS/cloud-native environments.
• Define and execute the security strategy for enterprise platforms, aligning with business priorities and risk reduction objectives.
• Establish and scale SaaS security capabilities, such as SaaS Security Posture Management (SSPM), data governance, and third-party platform risk controls.
• Lead PaaS and cloud-native security engineering for enterprise platforms such as SAP, Databricks, and similar strategic services.
• Design, implement, and operate security controls embedded within AI, SaaS, and PaaS platforms, including identity, data protection, and runtime protections.
• Drive AI security realization, including model security management, prompt hardening, secure usage patterns, and governance of AI services (e.g., LLMs, copilots, agents).
• Integrate data protection into platform architectures, ensuring consistent enforcement across AI, SaaS, and PaaS ecosystems.
• Define and operationalize secure platform patterns, including reusable guardrails, and builder-friendly security services.
• Drive automation and engineering-first approaches to reduce manual controls and improve scalability of protection across thousands of applications and services.
• Partner with Legal, Privacy, Risk, and Compliance teams to ensure alignment with regulatory and data governance requirements.
• Influence enterprise architecture and security standards, contributing to long-term strategic roadmaps.
• Serve as a technical thought leader and executive-facing communicator on platform security, AI risk, and cloud security posture.

Benefits

• medical
• dental
• vision healthcare
• other insurance benefits (for employee and family)
• retirement benefits, including 401(k)
• paid holidays
• vacation
• compassionate and sick days