EU Cyber and Digital Regulations Associate Director

Company: Merck Gruppe - MSD Sharp & Dohme
Location: Rahway
Posted on: March 5, 2025

Job Description:

Job DescriptionOur Information Technology division partners with colleagues from across the business to help serve our patients and customers around the world. We are a high-energy team of dynamic, innovative individuals dedicated to leveraging information and technology to efficiently drive revenue and productivity, thereby advancing our contribution to global medical innovation.Job DescriptionThe EU Cyber and Digital Regulations Associate Director plays a key role within the IT Risk & Compliance Programs function. This role oversees compliance activities under the EU Cyber and Digital Regulations program relating to key EU regulations (e.g. NIS2 regulations, Cyber Resiliency Act, etc.). This role will require tracking changes in regulations, ensuring compliance with relevant laws, and cooperating with M&A processes to align entities with regulations. The Associate Director, EU Cyber and Digital Regulations will maintain and review lists of registered entities, oversee critical supply chain compliance, work with procurement to monitor key suppliers, and coordinate with the awareness team to provide security training and tabletop exercises.Responsibilities

• Track changes in EU regulations and ensure our company's compliance with relevant EU laws.
• Cooperate and align processes with M&A to onboard/offboard entities in compliance with regulations.
• Maintain and review lists of registered entities.
• Serve as the global point of contact for NIS2 matters, including oversight of the incident reporting processes and self-assessment process for NIS2 compliance.
• Review and update NIS2-related procedures and standard operating procedures regularly.
• Maintain and review the list of NIS2 incidents, both confirmed and potential.
• Perform internal audits for NIS2 compliance and oversee the remediation of audit findings.
• Oversee compliance status of the critical supply chain at the local level.
• Cooperate with Procurement to oversee compliance of new critical suppliers.
• Monitor security and supplier assessment statuses.
• Collaborate with the awareness team to create, update, and maintain training materials.
• Provide security awareness training for system users, including managers, senior managers, and contractual partners.
• Track completion of tabletop exercises and confirm the functionality of mass notification systems.
• Work with external auditors.Desired Education Level:
  • Bachelor's degree requiredRequired Experience and Skills:
    • 8+ years of relevant experience including extensive knowledge of NIS2 regulations, the Cyber Resilience Act, and other EU regulations.
    • Certified in relevant governance, risk, and compliance certifications, such as CISA, CRISC, or similar.
    • Experience in governance, risk, and compliance management.
    • Strong understanding and experience with procurement and supply chain compliance.
    • Experience in internal and external audit processes.
    • Effective project management and organizational skills, and ability to plan and manage multiple projects and tasks simultaneously.
    • Excellent interpersonal skills, including the ability to work closely with people at all levels of the organization and facilitate the implementation of corrective actions.
    • Demonstrated success within a matrix organization where strong leadership, influence, and collaboration are essential to enlist support and commitment from peers.
    • Ability to balance strategic thinking with effective, timely execution and delivery.
    • Confidence to challenge the status quo and raise questions, risks, and issues.
    • High standard of ethics discipline and professionalism.
    • Proficient in managing virtual engagements and workshops with international stakeholders.Preferred Experience and Skills:
      • Experience operating in a highly regulated environment such as health care or finance.
      • Broad understanding of end-to-end company operations and organizational structure including research and development, manufacturing, commercial operations, financial processes, & IT.What we offer:
        • Exciting work in a great team, global projects, international environment
        • Opportunity to learn and grow professionally within the company globally
        • Hybrid working model, flexible role pattern (e.g., even 80% full-time is possible in justified cases)
        • Pension and health insurance contributions
        • Internal reward system plus referral programme
        • 5 weeks annual leave, 5 sick days, 15 days of certified sick leave paid above statutory requirements annually, 40 paid hours annually for volunteering activities, 12 weeks of parental contribution
        • Cafeteria for tax-free benefits according to your choice (meal vouchers, L--ta--ka, sport, culture, health, travel, etc.), Multisport Card
        • Vodafone, Raiffeisen Bank, Foodora, and Mall.cz discount programmes
        • Up-to-date laptop and iPhone
        • Parking in the garage, showers, refreshments, massage chairs, library, music corner
        • Competitive salary, incentive pay, and many moreReady to take up the challenge? Apply now!Know anybody who might be interested? Refer this job!Current Employees apply Current Contingent Workers apply Search Firm Representatives Please Read Carefully:Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.Employee Status: RegularRelocation:VISA Sponsorship:Travel Requirements:Flexible Work Arrangements: HybridShift:Valid Driving License:Hazardous Material(s):Job Posting End Date: 03/12/2025*A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.Requisition ID: R337733
          #J-18808-Ljbffr

Keywords: Merck Gruppe - MSD Sharp & Dohme, New York , EU Cyber and Digital Regulations Associate Director, Executive , Rahway, New York