Incident Responder

Merck & Co. · CZE - Central Bohemian - Prague (IT Riverview)
6d ago
Full-time · Oncology

Description

<p style="text-align:left">Job Description</p><p style="text-align:inherit"></p><p><b>Cyber Security Operations Incident Response Analyst</b></p><p>Our company is an innovative, global healthcare leader committed to improving health and well-being in 140 countries around the world. We focus our research on conditions that affect millions of people around the world, such as Alzheimer&#39;s, Diabetes, and Cancer, while expanding our strengths in areas such as vaccines and biologics. Join us in our mission to provide leading innovations and solutions for tomorrow.</p><p>We are looking to hire an experienced analyst to reinforce the cybersecurity operations team in our Prague technology hub.</p><p></p><p><b>Responsibilities</b></p><ul><li>Independently handle incident case investigations and drive them to full remediation, including triage, analysis, containment and remediation.</li><li>Assess the impact and risk of incidents, make evidence-based decisions and take appropriate actions according to defined procedures and best practice.</li><li>Utilize various security tools and technologies to detect, investigate, contain, remediate and document cyber threats.</li><li>Communicate and collaborate with other teams, including business liaisons, to ensure proper prioritization and resolution of incident cases.</li><li>Contribute to the development and enhancement of security monitoring and detection capabilities by improving detection logic, filtering, aggregation and automation.</li><li>Actively build and improve the team’s knowledge base and standard procedures.</li><li>Support, assist and provide feedback to junior colleagues.</li><li>Actively participate in development projects building functionality required by the incident response team.</li><li>Stay up to date with the latest security trends, attack techniques, vulnerabilities, and best practices.</li></ul><p></p><p><b>Qualifications</b></p><ul><li>Previous experience of at least 3 years in a cyber security operations role (SOC,
incident response, digital forensics, DLP, threat hunting or similar).</li><li>Strong understanding of computer networks, operating systems, security tools, log types/sources, and attack vectors.</li><li>Hands-on experience with some of the industry standard security tools (in categories like EDR, SIEM, MDM, identity management, sandboxes, proxies, firewalls, PAM).</li><li>Comprehensive knowledge of procedures for security monitoring, incident investigation, incident response, and remediation methodologies.</li><li>Investigative mindset with excellent analytical and problem-solving skills.</li><li>Scripting skills to solve data processing tasks on an ad hoc basis.</li><li>Strong communication skills, both written and verbal. Experience presenting and reporting to senior leadership.</li><li>Knowledge of cloud security concepts and technologies.</li></ul><p><i>Preferred</i></p><ul><li>Industry-relevant certifications (e.g. CompTIA Security, Certified Ethical Hacker, GIAC).</li><li>Experience working in a global organization and large team.</li><li>Familiarity with cyber regulatory frameworks and compliance requirements.</li></ul><p></p><p><b>What we offer:</b></p><ul><li>Exciting work in a great team, global projects, international environment</li><li>Opportunity to learn and grow professionally within the company globally</li><li>Hybrid working model, flexible role pattern</li><li>Pension and health insurance contributions</li><li>Internal reward system plus referral program</li><li><b>5 </b>weeks annual leave, <b>5 </b>sick days, <b>15 </b>days of certified sick leave paid above statutory requirements annually, <b>40 </b>paid hours annually for volunteering activities, <b>12 </b>weeks of parental contribution</li><li>Cafeteria for tax free benefits according to your choice (meal vouchers, Lítačka, sport, culture, health, travel, etc.), Multisport Card</li><li>Vodafone, Raiffeisen Bank, Foodora, and other discount programs</li><li>Up-to-date laptop and 
iPhone</li><li>Parking in the garage for drivers or showers for bikers</li><li>Competitive salary, incentive pay, and many more</li></ul><p></p><p></p><p><b>Required Skills: </b></p>Cyber Threat Hunting, Cyber Threat Intelligence, Data Loss Prevention (DLP), Detail-Oriented, Digital Forensics, Incident Investigations, Incident Response, Incident Response Management, Information Systems Management, Malware Analysis, Security Monitoring, Security Tools, Vulnerability Management<p></p><p><b>Preferred Skills: </b></p><p style="text-align:inherit"></p><p style="text-align:left">Current Employees apply <a target="_blank" href="https://wd5.myworkday.com/msd/d/task/1422$6687.htmld">HERE</a></p><p style="text-align:inherit"></p><p style="text-align:left">Current Contingent Workers apply <a target="_blank" href="https://wd5.myworkday.com/msd/d/task/1422$4020.htmld">HERE</a></p><p style="text-align:inherit"></p><p style="text-align:left"><b>Search Firm Representatives Please Read Carefully </b><br />Merck &amp; Co., Inc., Rahway, NJ, USA, also known as Merck Sharp &amp; Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company.  No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. 
</p><p style="text-align:inherit"></p><p style="text-align:left"><b>Employee Status: </b></p>Regular<p style="text-align:inherit"></p><p style="text-align:left"><b>Relocation:</b></p><p style="text-align:inherit"></p><p style="text-align:left"><b>VISA Sponsorship:</b></p><p style="text-align:inherit"></p><p style="text-align:left"><b><span>Travel Requirements:</span></b></p><p style="text-align:inherit"></p><p style="text-align:left"><b>Flexible Work Arrangements:</b></p>Hybrid<p style="text-align:inherit"></p><p style="text-align:left"><b>Shift:</b></p><p style="text-align:inherit"></p><p style="text-align:left"><b>Valid Driving License:</b></p><p style="text-align:inherit"></p><p style="text-align:left"><b>Hazardous Material(s):</b></p><p style="text-align:inherit"></p><p style="text-align:left"><b>Job Posting End Date:</b></p>03/31/2026<p style="text-align:left"><b><span>*A job posting is effective until 11:59:59PM on the day <u>BEFORE</u> the listed job posting end date. Please ensure you apply to a job posting no later than the day <u>BEFORE</u> the job posting end date. </span></b></p>
Merck & Co.

PHARMACEUTICAL

Location: RAHWAY, NJ
Employees: 69,000
Open Jobs: 636
Focus areas: Oncology, Vaccines, Infectious Disease, Cardiovascular, Immunology