Platform Security Engineer

Job Description

Overview

The Platform Security Engineer designs and integrates security controls across cloud, platform, and SaaS ecosystems, ensuring secure‑by‑design architectures across enterprise services. This role partners with engineering, DevOps, and product teams to embed scalable security into development and operational workflows.

Key Responsibilities

• Design secure architecture patterns and reference models for cloud (AWS/Azure/GCP/Alibaba), platform services, and SaaS applications
• Perform security architecture reviews, threat modeling, and risk assessments for systems and integrations
• Integrate security into pipelines
• Implement and automate security controls across cloud and SaaS environments,
• Develop scripts and automation for security tooling and remediation workflows, if required
• Partner with engineering teams to address security gaps across platforms, APIs, and SaaS integrations
• Contribute to security standards, baselines, and architecture guidance

Minimum Requirements:

• Bachelor's degree in Computer Science, Engineering, Management of Information Systems Security, or equivalent professional experience
• 4 or more years of related experience in Information Security, cybersecurity, platform security, or cloud security engineering, and/or Information Technology to include accountability for complex tasks and/or projects.
• Strong understanding of secure architecture, SDLC, and DevSecOps practices
• Experience with CI/CD security tooling and automation
• Proficient level of business acumen in the areas of business operations, risk management, industry practices, and emerging trends

Preferred Experience and Skills:

• Experience with SaaS security controls (SSPM, identity governance, data protection)
• Knowledge of threat modeling, vulnerability management, and security assessments
• Familiarity with infrastructure as code (Terraform, CloudFormation, etc.)
• Understanding of enterprise security frameworks (NIST, ISO, CSA, CIS)

Required Skills:

Application Infrastructure, Change Management, Cloud Security, Digital Forensics, Governance Development, Identity Access Management (IAM), Incident Response, Influence, IT Change Management, IT Infrastructure Management, Network Systems, Security Compliance Frameworks, Strategic Planning, Systems Architecture, Technology Deployments

Preferred Skills:

Current Employees apply HERE

Current Contingent Workers apply HERE

US and Puerto Rico Residents Only:

As an Equal Employment Opportunity Employer, we provide equal opportunities to all employees and applicants for employment and prohibit discrimination on the basis of race, color, age, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or other applicable legally protected characteristics. As a federal contractor, we comply with all affirmative action requirements for protected veterans and individuals with disabilities. For more information about personal rights under the U.S. Equal Opportunity Employment laws, visit:

EEOC Know Your Rights

EEOC GINA Supplement

We are proud to be a company that embraces the value of bringing together, talented, and committed people with diverse experiences, perspectives, skills and backgrounds. The fastest way to breakthrough innovation is when people with diverse ideas, broad experiences, backgrounds, and skills come together in an inclusive environment. We encourage our colleagues to respectfully challenge one another's thinking and approach problems collectively.

San Francisco Residents Only: We will consider qualified applicants with arrest and conviction records for employment in compliance with the San Francisco Fair Chance Ordinance

Los Angeles Residents Only: We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance

Search Firm Representatives Please Read Carefully

Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.

Employee Status:

Regular

Relocation:

No relocation

VISA Sponsorship:

No

Travel Requirements:

10%

Flexible Work Arrangements:

Hybrid

Shift:

1st - Day

Valid Driving License:

No

Hazardous Material(s):

N/A

Job Posting End Date:

06/22/2026

• A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.