24x7 Security Operations Analyst

Merck · Pharma · Bucuresti, Romania

This role is for a 24x7 Security Operations Analyst responsible for managing and supporting IT security platforms, triaging alerts, and resolving security incidents. It involves collaboration with engineering and operations teams, maintaining security tools, and ensuring operational continuity.

What you'd actually do

  1. Manage IT security platforms and ensure tools remain operational with minimal downtime
  2. Independently triage and resolve standard L1 alerts and service requests; perform solid initial investigations before escalation
  3. Act as the security liaison for Engineering and Operations and collaborate with underpinning service teams and external partners
  4. Support ITRMS use-case development, maintain the roadmap, catalogue and backlog
  5. Ensure alignment with platform governance, SDLC and ITIL processes

Skills

Required

  • Availability Management
  • Backlog Management
  • Change Controls
  • Emerging Technologies
  • Incident Management
  • Information Technology (IT) Risk Management
  • IT Project Lifecycle
  • IT Security Governance
  • Problem Management
  • Quality Assurance (QA)
  • Security Incident Management
  • Security Technologies
  • Service Delivery
  • Services Management
  • SLA Management
  • Software Configurations
  • Software Development Life Cycle (SDLC)
  • Testing
  • Works Under Pressure
  • Solid understanding of security operations workflows and incident handling
  • Knowledge of endpoint and network security concepts and tooling
  • Familiarity with ServiceNow and ITIL framework
  • Ability to correlate signals across platforms and perform independent problem analysis to identify root causes
  • Strong written and verbal English communication
  • Comfortable working under pressure, with professional presence and sound prioritization skills
  • Team-focused, adaptable, self-motivated and energetic
  • BS in Information Security, Computer Science, Engineering or equivalent experience

Nice to have

  • Experience with security product governance is a plus
  • Experience with one or more of the vendors/platforms listed above is highly desirable
  • Familiarity with regulatory considerations (e.g., PCI, GDPR) is desirable
  • McAfee / Trellix: ePO, HIPS, ENS, VSE, Solidcore
  • CrowdStrike (Falcon)
  • Microsoft Security Suite, primarily Microsoft Defender
  • Cylance
  • Cisco FireAMP
  • Zscaler
  • Splunk
  • Management System Development
  • Motivation Management
  • Self Motivation

What the JD emphasized

  • 24x7 Security Operations Analyst
  • ITIL-driven process discipline
  • hands-on technical troubleshooting
  • detect, contain and remediate security risks
  • first line of defense
  • independently triage standard alerts
  • coordinate with engineering and operations teams
  • sound judgment
  • good communication
  • drive to improve runbooks and operational playbooks
  • Manage IT security platforms
  • ensure tools remain operational
  • minimal downtime
  • Independently triage and resolve standard L1 alerts
  • service requests
  • solid initial investigations
  • escalation
  • security liaison
  • Engineering and Operations
  • underpinning service teams
  • external partners
  • ITRMS use-case development
  • maintain the roadmap
  • catalogue and backlog
  • platform governance
  • SDLC
  • ITIL processes
  • Monitor product usage and performance
  • identify and track recurring issues
  • propose runbook improvements
  • Correlate security incidents
  • events
  • service requests
  • work orders
  • determine business impact
  • Contain and resolve incidents
  • collect evidence and context for escalation
  • approved prioritization processes
  • ServiceNow
  • reporting tools
  • manage cases
  • SLAs
  • lifecycle workflows
  • agent/sensor/scanning and ingestion issues at L1
  • escalate appropriately
  • context and evidence
  • Contribute to shift coordination
  • operational continuity
  • mentor and guide junior analysts
  • Solid understanding of security operations workflows
  • incident handling
  • Knowledge of endpoint and network security concepts and tooling
  • Familiarity with ServiceNow and ITIL framework
  • experience with security product governance a plus
  • Experience with one or more of the vendors/platforms listed above is highly desirable
  • Ability to correlate signals across platforms
  • perform independent problem analysis
  • identify root causes
  • Strong written and verbal English communication
  • explain technical issues to diverse audiences clearly and authoritatively
  • Comfortable working under pressure
  • professional presence
  • sound prioritization skills
  • Team-focused
  • adaptable
  • self-motivated
  • energetic
  • work effectively with diverse stakeholders
  • Familiarity with regulatory considerations (e.g., PCI, GDPR) is desirable
  • BS in Information Security, Computer Science, Engineering or equivalent experience
  • Competitive salary and benefits package
  • 24/7 rotational shift structure
  • strong team-based support
  • clear escalation paths
  • Opportunities for professional growth
  • certifications
  • ongoing training in modern security technologies
  • Collaborative, dynamic team
  • contributions directly improve operational resilience
  • security-first operations team
  • technical rigor
  • continuous improvement
  • Availability Management
  • Backlog Management
  • Change Controls
  • Emerging Technologies
  • Incident Management
  • Infectious Disease
  • Information Technology (IT) Risk Management
  • IT Project Lifecycle
  • IT Security Governance
  • Management System Development
  • Motivation Management
  • Problem Management
  • Quality Assurance (QA)
  • Security Incident Management
  • Security Technologies
  • Self Motivation
  • Service Delivery
  • Services Management
  • SLA Management
  • Software Configurations
  • Software Development Life Cycle (SDLC)
  • Testing
  • Works Under Pressure