Cybersecurity Lead– Business Information Security, Innovative Medicine

At Johnson & Johnson, we believe health is everything.

Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at https://www.jnj.com

Job Function:
Technology Enterprise Strategy & Security

Job Sub Function:
Security & Controls

Job Category:
Scientific/Technology

All Job Posting Locations:
Raritan, New Jersey, United States of America, Titusville, New Jersey, United States of America

Job Description:

We are seeking the best talent for a Cybersecurity Lead– Business Information Security, Innovative Medicine to be located in Titusville or Raritan, NJ.

The Lead will provide assurance over the cybersecurity of the Innovative Medicine Commercial organization in the NA region.

The role will be responsible for providing security consulting services for the JJIM Commercial organization.

Responsibilities:


* Engagement: Build relationships and collaborate with J&J Innovative Medicine NA IT and business partners to ensure security is coordinated into all solutions and vendor relationships.


* Security Assurance: Ensure controls are appropriately implemented throughout the SDLC of a project, perform security testing (e.g., vulnerability scans), and ensure accurate remediation.


* Regulatory Expertise: Experience with transposing directives in security controls, conducting the respective risk assessments, and responding to incidents, specifically within the context of regulations (ex.

NIS2, GDPR, ISO 27001).


* Consulting: Provide security consulting by applying controls related to confidentiality, integrity, and availability, and assess risks against these requirements.


* Compliance: Ensure compliance with internal policies keeping in mind local country requirements if applicable.


* Capability Adoption: Support the adoption of ISRM security capabilities across the business.


* Threat Intelligence: Deploy threat intelligence capabilities to monitor for new threats, vulnerabilities, and assess their potential impact.

(engage with government and industry agencies.


* Education and Training: Promote cybersecurity procedures and controls for internal partners awareness and understanding.


* Communication: maintain connections across peer groups to continuously learn and understand emerging security solutions that are ground-breaking enablers for challenges we face

Qualifications:

Required:


* A BA/BS degree in Computer Science, Engineering, or IT Security, is required.


* A foundation of IT knowledge (technical) is required, either through experience, education or certification.


* 5 + years of experi...