Senior Specialist Engineer - Security Telemetry and Analytics

Job Description

Are you passionate about security engineering and looking to make a significant impact in a leading biopharmaceutical company?

Join our company as a Sr. Specialist Engineer and play a key role in designing, implementing, and optimizing our next-generation security telemetry and analytics platforms.

You will drive complex engineering initiatives and collaborate with cross-functional teams to deliver high-impact security outcomes.

If you have hands-on technical depth and solution ownership, this is the perfect opportunity for you.

Responsibilities

• Design and optimize enterprise-scale Sentinel SIEM/analytics solutions.
• Architect and manage ADX clusters for scalable, cost-optimized query and hunting workloads.
• Build and tune Cribl pipelines (Edge & Stream) for telemetry routing, enrichment, and normalization.
• Integrate across the Azure stack (Logic Apps, Event Hub, Functions, Key Vault, etc.) for automation and resilience.
• Design and engineer ingestion pipelines from multiple log sources into Sentinel/ADX.
• Develop and optimize KQL queries, detection rules, dashboards, and workbooks.
• Ensure telemetry pipelines are reliable, scalable, and compliant with enterprise logging standards.
• Drive performance benchmarking and cost governance for large-scale data ingestion.
• Act as a technical SME and advisor for cross-functional security and infrastructure teams.
• Mentor and support Specialist-level engineers to uplift team skills in Sentinel, ADX, and Cribl.
• Partner with incident response, threat hunting, and cloud engineering teams to translate requirements into scalable solutions.
  
  

Interested in remote work opportunities in Cyber Security? Discover Cyber Security Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.

Required

Qualifications

• 6–10+ years of IT/security engineering experience, with 3–5+ years focused on Microsoft Sentinel & Azure security stack.
• Proven expertise in ADX schema design, query optimization, and capacity planning.
• Hands-on experience with Cribl (Stream, Edge) for enterprise-scale log routing and transformation.
• Strong proficiency in KQL, Azure Logic Apps, and data ingestion pipelines.
• Deep understanding of SIEM architectures, SOAR automation, and cloud-native security controls.
  
  

Preferred

• Experience with ServiceNow SIR or equivalent case management integrations.
• Familiarity with MITRE ATT&CK mapping for detection engineering.
• Scripting skills (PowerShell, Python, Bash) for automation.
• Strong communication skills to influence technical and non-technical stakeholders.
  
  

Required Skills

Certificate Services, Cloud Security, Cybersecurity, Cybersecurity Analytics, Cybersecurity Operations, Incident Response, Information Security, Microsoft Azure Sentinel, Network Segmentation, Operational Technology (OT) Security, Security Analytics, System Designs, Technical Advice

Preferred Skills

Current Employees apply HERE

Current Contingent Workers apply HERE

Search Firm Representatives Please Read Carefully

Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.

Employee Status

Regular

Relocation

VISA Sponsorship

Travel Requirements

Flexible Work Arrangements

Hybrid

Shift

Valid Driving License

Hazardous Material(s)

Job Posting End Date

02/28/2026

• A job posting is effective until 11 59 59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date.
  
  

Requisition ID R369147