At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at jnj.com.
As guided by Our Credo, Johnson & Johnson is responsible to our employees who work with us throughout the world. We provide an inclusive work environment where each person is considered as an individual. At Johnson & Johnson, we respect the diversity and dignity of our employees and recognize their merit.
**Job Function: **
Technology Enterprise Strategy & Security
**Job Sub Function: **
Security & Controls
Job Category:
People Leader
All Job Posting Locations:
Beerse, Antwerp, Belgium, Dublin, Ireland, Jacksonville, Florida, United States of America, Warsaw, Masovian, Poland
Job Description:
Johnson and & Johnson, through its operating companies, is the world's most comprehensive and broadly-based manufacturer of health care products, as well as a provider of related services, for the consumer, pharmaceutical, and medical device markets. We strive to provide scientifically sound, high-quality products and services to help heal, cure disease and improve the quality of life.
Do you want to be part of an organization that is thriving on a diverse company culture, celebrating the uniqueness of our employees and committed to inclusion? Then join us! We are proud to be an equal opportunity employer.
The **Sr. Manager, Cybersecurity Medtech Vision **is a results-oriented self-starter who enjoys a fast-paced environment and is looking for opportunity to influence change in an established organization. They will have responsibility for all aspects of identifying and managing security risk and serve as the focal point for all information protection matters. This role will be part of the Johnson & Johnson Information Security and Risk Management (ISRM) team, focusing on the Vision Business Unit (BU) within the MedTech sector and will be located in EMEA – Dublin, Beerse or Warsaw , North America – Jacksonville (FL)
Key Responsibilities:
- Serve as the focal point for all information asset protection matters for the Vision MedTech BU Globally and/or cross-BU for a particular region for which they are responsible.
- Be accountable for promoting information security within the BU and/or region, including ensuring processes, procedures, and other activities are defined and implemented to meet the requirements of the Information Asset Protection Policies (IAPPs).
- Drive End-to-end Cyber Trust and Security by Design through consulting, engagement and assurance. Support the strategy for embedding cyber security into business initiatives, improving risk posture, secure critical intellectual property, protect sensitive assets, improve site security and enhance business resiliency.
- Serve as the ISRM liaison and have direct interaction with sector personnel, IT, and business leaders.
- Provide expertise in Information Security & Risk Management to ensure that technology solutions meet all requirements and standards.
- Consult with project teams to determine applicability of various global and local regulations, security standards and certifications, incl. but not limited to NIST, NIS2, SOX, ISO27001, etc.
- Drive the adoption of security industry best-practices, J&J security standards and capabilities with a focus on MedTech Vision to ensure that critical information and assets are protected from cyber threats.
- Drive risk remediation of identified cybersecurity issues.
- Provide strong leadership in driving the cybersecurity risk posture of business capabilities, incl. security consulting, design reviews, risk prioritization, advice and assurance on remediation.
- Support vulnerability management, third party risk remediation and cyber incidents investigations as needed.
- Business Engagement to drive user acceptance and support of global ISRM initiatives and Business programs, providing overall consulting on security by design.
- Enable ISRM capabilities for the business including awareness, business impact, exceptions handling
- Coordinate with IT, Quality Assurance, Regulatory Affairs, Global Audit and Assurance and business partners to ensure audit readiness and to prepare for internal and external audits.
- Support for cybersecurity, and internal control readiness for Internal and External audits.
- Deliver training and awareness to business teams on key cybersecurity concepts
- Provide metrics and reporting to ISRM and Business leadership on status of compliance to cybersecurity IAPP requirements and risks
- Participate in BU planning to ensure the integration of security measures and remediations in business plans and projects during the design, development and deployment phases to ensure confidentiality, integrity and availability of applications and data are adequately protected against cybersecurity threats.
- Provide expert guidance in Cybersecurity & Risk Management to ensure that technology solutions meet all requirements and standards.
Qualifications:
Education:
- A Bachelor's degree or equivalent. A major in Cybersecurity or Computer Science is highly preferred.
Experience and Skills:
Required:
- A minimum of 10 years of experience in Information Security & Risk Management and/or IT.
- Previous experience developing effective and strong partnerships along with relationship building skills with business leaders and partners.
- Solid understanding of current security threats, mitigation measures and security vendors/technologies.
- Experience in design and implementation of enterprise security, cloud security and/or development of IT solutions or services to protect data, application, host, middleware, network, Infrastructure.
- Experience working in complex, fast-paced environments.
- Experience supporting, leading and influencing security assessments (e.g. SOC Type 2 reporting, PCI, ISO 27001).
- Big Picture Thinking / Attention to Detail – align strategic and tactical
- Passion for leading and influencing people
- Results Orientation and ability to drive to short timelines.
- Creative problem-solving skills.
- Customer focus (internal & external).
- Superb communication, social and collaboration skills, able to network and influence various levels of the organization, across sectors, functions and markets.
- Demonstrable ability to influence/collaborate to get to desired result.
Preferred:
- Experience with implementation or review of compliance with international security standards or regulations.
- Security certifications such as CISSP, CCSP, ISSAP, CISM, etc.
Other:
- Fluency in English and preferably proficiency in another language.
**Required Skills: **
Preferred Skills:
Business Process Design, Collaborating, Crisis Management, Critical Thinking, Cyber Threat Intelligence, Developing Others, Inclusive Leadership, Information Security Auditing, Information Security Management System (ISMS), Information Technology (IT) Security Assessments, Information Technology Strategies, Leadership, Managing Managers, People Performance Management, Presentation Design, Process Optimization, Security Architecture Design, Security Policies