Cyber Security Engineer
We Dream. We Do. We Deliver.
Merkle is a leading data-driven, technology-enabled, global performance marketing agency that specializes in the delivery of unique, personalized customer experiences across platforms and devices. As a full-service, data-driven customer experience transformation, we partner with Top 500 companies in the DACH region and in Eastern Europe. Originally from Switzerland, Merkle DACH was created out of a merger between Namics and Isobar - two leading full-service digital agencies.
Our 1200+ digital enthusiasts are innovating the way brands are built, through providing expertise in Digital Transformation strategy, MarTech platforms, Creativity, UX, CRM, Data, Commerce, Mobile, Social Media, Intranet and CMS. The Merkle brand is the largest brand within the dentsu group, who shares with us a network of over 66,000+ passionate individuals in 146 countries.
Are you ready to push the boundaries of digital change and join a growing team with an amazing work environment?
If yes, we are searching for our next colleague to join us in Belgrade, on the Cyber Security Engineer role.
- Act as key member for Information Security to implement, report and follow up on risk reduction activities with projects and BAU; and work together with key partners to lead all aspects of security improvement activities.
- Engages with business partners from the Product function on projects and activities that require Information Security expertise and advice.
- Engage with business and IT platform peers throughout system lifecycle on "security-by-design" and "privacy-by-design" concepts, methods and tools.
- Perform active governance on key security metrics for systems under his/her responsibility.
- Perform or take accountability for general IT control activities in scope of the solutions including evaluating 3rd party cyber maturity and performing ongoing vendor risk governance.
- Lead security awareness trainings and provide coaching, trainings, promoting webinar attendance or similar activities to raise the security awareness of the function
- Take accountability or responsibilities of tasks required for the resolution of cyber incidents in impacting solutions under his/her responsibility, from identification to eradication, working closely with central/platform IT teams and InfoSec (e.g. SOC and IRM)
- Perform risk assessments and vulnerability management activities for functional support areas. Manage, monitor, and report on the full lifecycle of risk management at the system or platform level, from identification to closure.
- Drives cybersecurity resilience activities in the assigned functional domain (e.g. back-up, restored, Disaster Recovery)
- Support during internal or external audits.
- Support the Qualification and Validation activities required for GxP systems
- Ensure information security standards are applied to Laboratory Systems and Instruments
- Sound experience in an information security, IT risk management or IT audit function within a large organization
- Proven track record in supporting development teams throughout all phases of secure systems development life cycle (design, development, maintenance)
- Good knowledge of typical application design patterns (e.g. web, mobile, thick client, etc.)
- Good understanding of cloud computing architectures (e.g. SaaS, IaaS, PaaS, FaaS) and their corresponding characteristics in terms of information security
- Good understanding of modern technologies such as IoT, Machine learning, automation.
- Knowledge of basic identity and access management concepts (e.g. single-sign on, identity federation) and standards (e.g. SAML, OAuth 2.0, OpenID)
- Familiarity with most common web application security issues (e.g. OWASP top 10)
- General understanding of regulatory requirements (e.g.GxP, FDA) and their impact on systems.
We work with highly motivated people, who support and enrich each other. We live the possibilities of the digital world through home office, meaning you can work anywhere with flexible (annual) working hours. We also value face-to-face exchanges - coffee or tea, biscuits or fruit are all welcomed on board and shared throughout our offices.
If you ever feel the need to take a break from the digital world, we love to get hands on together and use pens, paper, and whiteboards for brainstorming sessions. Need to clear your head? Hit the foosball table, PlayStation, massage bench or yoga mat. For networking and (brain) food, we offer regular exchange formats, like meetings, tech labs and more. Not enough? We are full believers in education and support training, whether it be internally or externally. We support you.
If you feel inspired by us, we’ll probably be inspired by you. Join us now and apply online to make sure we match each other’s expectations. We value diversity and are committed to creating an inclusive environment. We welcome all qualified candidates - regardless of your gender or background, please indicate your salary expectations and possible entry date. We look forward to hearing from you!
Personal consultancies - we only work with selected partners.
Junior Talent Acquisition Business Partner
Phone: +381 69 789 047
Graduate Opportunities: Whether you're still studying, recently graduated or are already working and fancy a career hop, we could have a perfect opportunity for you.
Experienced Hires: Leverage your expertise, challenge the status quo and grow your career at Merkle.