Manager, Cybersecurity Systems Automation Engineer bei Merck & Co., Inc.

Job Description

The Opportunity 

• Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare.  

• Be part of an organisation driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products.  

• Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats.  

Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our company’s IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy.  

A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers.  

Security Automation Engineer:

Role Over view :

Summary
The Cyber Defense AI & Automation team are seeking Security Automation Engineer to design and deliver enterprise-scale automation that reduces manual workload, suppresses noise, and accelerates cyber defense outcomes. This role is responsible for building secure, auditable, and guardrail-enforced automation workflows that operate across the full spectrum of enterprise control-plane platforms (identity, endpoint, cloud, network, and data) with Microsoft Defender, Sentinel, ADX, and Logic Apps as the core orchestration fabric, and extensions into ServiceNow Flow Designer where enterprise workflow integration is required.

As part of the Cyber Defense AI & Automation team, you will work alongside AI Security Engineers, data scientists, and platform engineers to transform detections and telemetry into structured workflows that take safe automated action. Your work will directly enable faster containment, measurable noise reduction, and reusable automation frameworks that scale across domains.

Responsibilities:

• Design and build automation workflows using Microsoft Logic Apps, Python services, and REST APIs.
• Integrate with enterprise platforms (IAM, endpoint, cloud, network, data) via APIs to execute secure, guardrail-enforced actions.
• Extend automation into ServiceNow Flow Designer where ticketing or enterprise workflow integration is needed.
• Operationalize AI outputs: consume AI-generated case packages (JSON) and translate them into safe enforcement workflows.
• Implement safety controls: kill switches, dry-run/test modes, time-limited actions, and staged rollouts (dev → UAT → prod).
• Deliver automation outputs into enterprise workflow and communication channels (Teams, ServiceNow, email, dashboards).
• Automate enrichment: pull asset ownership, user identity, threat intel, and prevalence context into workflows.
• Ensure observability: log all automated actions into ADX with correlation IDs for audit, dashboards, and feedback loops.
• Partner with domain owners to align automated actions with policies while maintaining independence of the automation fabric.
• Continuously improve frameworks by creating reusable templates, connectors, and patterns that scale across multiple platforms.

Qualifications (Required)

• Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or related technical field.
• 3+ years in security engineering with demonstrated experience delivering production automation.
• Hands-on experience with Microsoft Defender XDR, Sentinel, ADX, and Logic Apps.
• Strong programming or scripting in Python or PowerShell, applied to security engineering use cases.
• Strong knowledge of cyber defense workflows (alerting, enrichment, suppression, containment).
• Ability to design automation that is safe, explainable, and auditable.
• Ready to contribute on day one with minimal ramp-up.

Preferred

• Experience integrating automation across IAM, endpoint, cloud, network, and data platforms via APIs.
• Familiarity with KQL for Sentinel/ADX-driven triggers.
• Experience using ServiceNow Flow Designer to extend automation into enterprise workflows.
• Knowledge of automation safety models (rollback, TTL, staged enforcement).
• Exposure to AI-assisted workflows where automation consumes reasoning outputs.
• Strong written and verbal communication to document workflows and explain outcomes.

What Success Looks Like

• Deployment of scalable, production-grade automations that measurably reduce analyst workload and ticket volume.
• Trusted integration of AI outputs into workflows that analysts and leadership can rely on.
• Delivery of auditable, guardrail-enforced automations that are transparent, explainable, and reversible.
• Establishment of reusable automation frameworks that extend across identity, endpoint, cloud, network, and data.
• Increased enterprise confidence in automation through clear logging, dashboards, and observability.

#HYDIT2025.

Current Employees apply HERE

Current Contingent Workers apply HERE

Search Firm Representatives Please Read Carefully 
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company.  No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. 

Employee Status:

Regular

Relocation:

VISA Sponsorship:

Travel Requirements:

Flexible Work Arrangements:

Hybrid

Shift:

Valid Driving License:

Hazardous Material(s):

Required Skills:

Design Applications, Information Security, Security Operations, SLA Management, Software Development, Software Development Life Cycle (SDLC), System Designs, Technical Advice, Vulnerability Scanning

 Preferred Skills:

Job Posting End Date:

09/30/2025

*A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.

Jetzt bewerben