Enterprise Data Access Product Owner

Benefits

Additional Information

Job Description The Position We are seeking a technically deep, outcome-driven Enterprise Data Access Product Owner to own and evolve the Enterprise Data Access Control (EDAC) platform - the centralized access control middleware that governs how data products are securely accessed across The Company's Discover ecosystem. This role is a 50/50 blend of Product Manager and Product Owner: As Product Manager (~50%): You will define the product vision, strategy, and roadmap for EDAC; conduct market and technology research on access control paradigms; drive adoption and usage growth; identify opportunities to automate and enhance the platform with AI/GenAI; and represent EDAC's strategic direction to senior stakeholders and cross-functional partners. As Product Owner (~50%): You will own the product backlog, write and prioritize user stories and acceptance criteria, collaborate daily with engineering teams, participate in sprint ceremonies, and ensure delivery aligns with measurable business outcomes and user satisfaction. You will report to the Group Product Manager for Discover and collaborate closely with Product Managers across Marketplace, Search, Cataloging, API Orchestration, and Analytics, as well as Architecture, Security, Engineering, and domain teams across divisions. What will you do? Contribute and communicate the product vision, strategy, and multi-quarter roadmap for EDAC as the enterprise's authoritative access control layer. Anchor all roadmap decisions in measurable business outcomes: reduced time-to-access, increased data product consumption, improved compliance posture, and higher user satisfaction scores. Conduct continuous discovery with data consumers, data stewards, security teams, and platform engineers to identify unmet needs and emerging access patterns. Own and drive product success metrics and KPI's. Research and evaluate industry-leading access control platforms and technologies (e.g., Immuta, Privacera, Collibra Data Access Governance, Okera, Apache Ranger, Open Policy Agent) to inform build-vs-buy-vs-integrate decisions. Translate regulatory requirements (GDPR, HIPAA, GxP) and enterprise security policies into product capabilities and technical specifications. Identify and drive opportunities to automate access governance workflows using AI/GenAI, including:Intelligent policy recommendation - leveraging LLMs to suggest access policies based on data classification, usage patterns, and organizational contextAutomated access request triage - using ML models to auto-approve low-risk requests and flag anomalies for human reviewNatural language policy authoring - enabling data stewards to define access rules in plain language, translated into enforceable policy codeSemantic search for access discovery - helping users understand what access they need and how to obtain it (aligned with Discover's Search 2.0 / LLM-assisted retrieval vision)Anomaly detection & risk scoring - applying behavioral analytics to detect unusual access patterns and dynamically adjust permissions. Stay current on GenAI capabilities and proactively propose experiments that reduce manual effort, improve user experience, and accelerate time-to-access. Collaborate with the Decision Intelligence and Data & AI Studio teams to leverage shared AI/ML infrastructure for EDAC automation use cases. Own the adoption strategy for EDAC - ensuring that access control capabilities are not just built but actively used, understood, and valued by data stewards and consumers across all divisions. Apply design thinking and user-centric principles to simplify complex access workflows:Map end-to-end user journeys for data consumers (from discovery → access request → provisioning → consumption)Map data steward journeys (from policy definition → enforcement → audit → iteration)Identify and eliminate friction points that slow adoption or create shadow workarounds. Build self-service experiences that empower domain teams to manage their own access policies without requiring central IT intervention. Establish feedback loops (surveys, usage analytics, user interviews, retrospectives) to continuously improve the product based on real user behavior and satisfaction. Partner with the E2E Capability Services team (UX, adoption, agile, BA) to design enablement programs, onboarding journeys, and training materials that drive sustained adoption. Track and report on adoption funnels: awareness → trial → active use → advocacy, with clear actions to improve conversion at each stage. Design and evolve sophisticated access control models that go beyond traditional Role-Based Access Control (RBAC) to implement:Attribute-Based Access Control (ABAC) - fine-grained, context-aware authorization decisions based on user attributes, data attributes, environmental context, and organizational policiesPolicy-Based Access Control (PBAC) - leveraging frameworks like XACML, OPA/Rego, or Cedar for externalized, auditable policy definitionsPurpose-Based Access Control -

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Merck? Share your experience