Johnson & Johnson is recruiting for a Director- Cyber Policy, Governance & Compliance located in Raritan, NJ.
The Director, Cyber Policy, Governance & Compliance, is responsible for maintaining company cyber security policies in alignment with industry standards and emerging risks and driving compliance with global cybersecurity laws and regulations. They will develop, implement and maintain a comprehensive cyber compliance program, encompassing global governance and oversight for compliance with both internal policies and external law and regulations. The Director will keep ISRM senior leadership informed of compliance status and partner and collaborate with senior leaders of other compliance functions, including Legal, Privacy, Quality and Audit to support overall company compliance obligations. They will also work closely with various corporate functions to represent ISRM and the cybersecurity program.
Want more jobs like this?
Get jobs in Raritan, NJ delivered to your inbox every week.
Key Responsibilities:
- Develops strategy to ensure company cybersecurity policies and standards are in alignment with industry standards and compliance obligations.
- Drive creation of new policies and standards based on emerging risks and/or technology.
- Develop and maintain an overall cybersecurity governance and compliance program, including defining compliance metrics and reporting to relevant stakeholders.
- Apply relevant laws, regulations, and industry standards to the organization's information systems and practices using a strategic approach for compliance.
- Act as an internal reference point for industry knowledge, proactively monitoring and updating the organization on emerging compliance issues.
- Lead the creation and maintenance of governance and compliance documentation and records.
- Communicate cybersecurity compliance requirements to senior management and business stakeholders, influencing their decisions for proactive actions to elevate the cyber posture.
- Partner and collaborate with other company compliance leaders and teams, including Privacy, Global Audit & Assurance, and Quality.
- Partner with Government Affairs to both identify and influence emerging cyber laws/regulations.
- Support Corporate stakeholders through the generation of cybersecurity program content (e.g., Environmental, Social & Governance).
- Provide People Leadership for the Policy, Governance & Compliance team, ensuring ongoing development of team members.
- Support ISRM organizational initiatives (e.g., Talent, Learning & Development, etc.).
Qualifications
Education:
- A bachelors degree is required, preferably in Computer Science, Engineering or Information Security/Cybersecurity.
- Masters degree preferred.
Experience and Skills:
Required:
- 8+ years of Information Security/IT Risk Management experience with growing responsibilities.
- 5+ years of cybersecurity governance and compliance experience.
- 3+ years of SOX controls and compliance experience.
- Experience with a variety of compliance frameworks, such as HIPAA and PCI DSS.
- Experience with cybersecurity frameworks, such as the NIST Cybersecurity Framework, ISO 27001, ISO 27002, and SOC2.
- Experience implementing, operating, and maturing cybersecurity compliance with relevant frameworks, standards, and regulations.
- Demonstrable record of effectively collaborating with virtual, global teams, including diverse groups of people with varied backgrounds and cultural experiences.
- Excellent communication and interpersonal skills.
- Experience at a large multinational organization.
- Ability to lead a diverse staff.
Preferred:
- Certifications: Information Security & Risk Management certifications preferred.
Other:
- 10% travel.
#JNJTech
#LI-Onsite
#LI-RW1
Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
For more information on how we support the whole health of our employees throughout their wellness, career and life journey, please visit www.careers.jnj.com.
The anticipated base pay range for this position is $142,000 -$244,950 USD.
The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation's performance over a calendar/performance year. Bonuses are awarded at the Company's discretion on an individual basis.
- Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance.
- Employees may be eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)).
- Employees are eligible for the following time off benefits:
- Vacation - up to 120 hours per calendar year
- Sick time - up to 40 hours per calendar year; for employees who reside in the State of Washington - up to 56 hours per calendar year
- Holiday pay, including Floating Holidays - up to 13 days per calendar year of Work, Personal and Family Time - up to 40 hours per calendar year
- Additional information can be found through the link below. https://www.careers.jnj.com/employee-benefits
The compensation and benefits information set forth in this posting applies to candidates hired in the United States. Candidates hired outside the United States will be eligible for compensation and benefits in accordance with their local market.