Cybersecurity Engineering Client Services, IAM Governance Lead


  View Salaries, Reviews, and more

Job Summary

Job Type


Years of Experience
At least 5 years

Tech Stacks

Job Description

  • Based in Singapore, the regional hub for Asia Pacific (AP) and top-ranked biopharmaceutical company on The Straits Times and Statista’s list of Best Employers in Singapore for two consecutive years (2020, 2021).
  • Join the premier biopharmaceutical company that has been in Singapore for more than 25 years and in AP for over 60 years.

Our IT team operates as a business partner proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver the services and solutions that help everyone to be more productive and enable innovation.


We are seeking an energetic, forward-thinking professional to join our Information Technology group in our IT Risk Management and Security (ITRMS) organization. As part of the global Cybersecurity Engineering (CE) Client Services and Identity & Access Management (IAM) Governance teams, main responsibilities for this lead role include achieving service and product adoptions, enabling IAM controls and leading in remediation activities in the Asia Pacific region. To achieve these, it is important to align with regional Risk Liaisons on matters related to Information Technology risks in the respective countries.

The candidate will work in a highly cohesive team environment and should be able to work well with people from ITRMS, IT & business units to achieve company imperatives.


  • Client Services
  • Lead and engage business groups for all products and services in Cybersecurity Engineering organization
  • Engage and encourage businesses to adopt and integrate Cybersecurity Engineering services and capabilities into their systems.
  • Providing guidance and expertise in service navigation & adoption of products/services and portfolio initiatives as well as managing project management activities.
  • Work with business teams to understand project requirements, improve and recommend security controls around the system, thus ensuring security surrounding company information assets.
  • Expand the use of Cybersecurity Engineering products and services. Evaluating and identifying potential use cases for our strategic solution. Making sure that it is in line with company corporate policies and brings value to businesses.
  • Contribute to Cybersecurity Engineering projects or activities, propose new or enhance existing security related processes so to increase service adoptions and improve user experience
  • Participate in cross-functional team meetings for strategic planning, developments, and changes in Cybersecurity Engineering areas.
  • Promote and adopt ways of working to transform and adapt.
  • Experiment on ways to enhance processes, gain efficiencies through automation thus improving user experience and engagements.
  • Lead outreach programs across IT and business stakeholders

IAM Governance
  • The incumbent’s core responsibilities have global implications and will work with infrastructure and systems development areas throughout the company so to achieve IAM goals and imperatives
  • Drive adoption of identity access governance controls through working with business and technical stakeholders to ensure the company’s applications have proper controls in place for managing privilege accounts, access reviews and access registration processes.
  • Identify, develop, and implement best practices for privilege account management, access requests and registration, access and account attestation.
  • Gather and understand divisional and site business requirements for IAM services. Maintain active and direct interaction with key customers.
  • Lead or build IAM controls, monitoring, and oversight capabilities. Contribute to governance initiatives so to ensure benefit realization of these capabilities
  • Take the lead in IAM remediation efforts in the region, mitigating Cybersecurity risks to company assets.

  • Foster collaboration, listen and learn from stakeholders and people with different cultures across functional areas
  • Build talents and enable them to succeed. Set an example and share the knowledge
  • Articulate business use cases related to Cybersecurity Engineering products and services. Provide guidance on business requirements and work with engineering teams to implement the solutions.
  • Demonstrate leadership quality in working and communicating with functional and cross-functional teams in different geographical region, achieving shared objectives.
  • Organize, manage, and deliver on assignments in a timely manner.
  • Present and share with confidence on related topics, provide guidance on security controls, policy adherence, advocate secure computing practices, procedures, and Information Security best practices.
  • Act with courage and candor, demonstrate a high level of ethics and integrity, drive results, foster collaboration and make rapid and disciplined decisions

  • Assess gaps in services and define delivery performance metrics, capture user experience data and types of user responses, propose strategies to improve product adoptions
  • Propose strategic initiatives to engage business units across the organization so to realized benefits, increase security awareness and product adoptions
  • Execute security gap analysis, identify threats and system vulnerabilities, consolidate all findings based on company security policy and standards or frameworks, methodology, best practices, and baselines. Communicate recommendations across functional areas.
  • Define security requirements and specifications according to business use cases, design and build a robust security architecture and controls based on key design principles

To be successful in this role, you will have:

  • Bachelor’s degree or higher in Information Technology, Computer Science, Engineering, Business, or equivalent is required.
  • At least five (5) years of experience in risk management and IT security and/or regulated or compliance environment
  • Strong understanding and experience in Digital Identity Life Cycle and Identity Governance and Access. Identity Management and Privileged Access Management and Authentication Management.
  • Experience in Agile principles & methodologies
  • Knowledge and understanding of System Development Life Cycle (SDLC), GxP and other regulatory principles.
  • Relevant certification credentials are advantages.
  • Information Security (CSX, CISA, CISM CRISC, CISSP and GIAC) and
  • Agile (Scrum Master, Scrum Product Owner) are added advantages
  • Project Management certification (PMP, PRINCE2) and/or formal course work/training in project management.
  • Familiarity with ISO 27001 or NIST standards and applicability in large scale environments.
  • Ability to work independently and as a team player in a fast-paced environment.
  • Ability to navigate cross-culturally with a wide array of stakeholders, internally and externally.
  • Superior collaboration skills and communications skills.
  • Highly organized and capable of working with attention to detail in a short timeframe
  • The scope may include after office hours commitment
  • Strong presentation and communication skills.

Our Support Functions deliver services and makes recommendations about ways to enhance our workplace and the experience of working at our organization. Our Support Functions include HR, Finance, Information Technology, Legal, Procurement, Administration, Facilities and Security.


Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us — and start making your impact today.

Search Firm Representatives Please Read Carefully

Merck & Co., Inc., Kenilworth, NJ, USA, also known as Merck Sharp & Dohme Corp., Kenilworth, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.


There are no salaries from MSD that are similar to this job

View more salaries from MSD

NodeFlair Insights of MSD