Johnson & Johnson is recruiting for a Director- Cyber Risk Assessment Services located in Raritan, NJ or remote work in the U.S.

The Director, Cyber Risk Assessment Services, is responsible for leading a team of security and risk professionals in the conduct of a variety of cybersecurity risk and compliance assessments, including assessments of third-parties and both internal and hosted applications. They will also be responsible for defining, developing, and monitoring assessment processes, driving continuous improvement, and defining and reporting on Key Performance Indicators. Lastly, the Director will drive automation throughout the assessment processes and collaborate and partner with other ISRM leaders to ensure assessment services meet stakeholder expectations.

• Develops and maintains overall Risk Assessment execution strategy and approach to ensure consistent, quality cybersecurity risk assessments.
• Leads team in performance of cybersecurity risk assessments across applications, third parties, websites and other relevant entities.
• Defines and maintains formal cybersecurity risk assessment processes.
• Drives and oversees the development of requirements for automation, process enhancements, and technology enhancements to drive efficiency and accuracy.
• Develops KPIs and metrics to measure quality and effectiveness of risk assessment services.
• Collaborates with other ISRM leaders to ensure risk assessments meet customer expectations.
• Collaborates with the ISRM GRC team to drive technology enhancements and capabilities to support assessment processes.
• Provides People Leadership for the Risk Assessment team, ensuring ongoing development of team members.
• Support ISRM organizational initiatives (e.g., Talent, Learning & Development, etc.).

• A bachelors degree is required, preferably in Computer Science, Engineering or Information Security/Cybersecurity.
• Masters degree preferred.

• 10+ years of Information Security/IT Risk Management experience with growing responsibilities.
• 5+ years of experience leading cybersecurity professionals in the conduct of application and/or third-party assessments.
• Experience with developing and defining formal processes for security assessments.
• Demonstrated proficiency in information security, cybersecurity controls and industry frameworks, and both traditional and emerging cyber threats.
• Demonstrable record of effectively collaborating with virtual, global teams, including diverse groups of people with varied backgrounds and cultural experiences.
• Good communication and demonstrated influencing skills.
• Experience at a large multinational organization.
• Ability to lead a diverse staff.

• Certifications: Information Security & Risk Management certifications preferred.

• 10% travel.

• Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance.
• Employees may be eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)).
• Employees are eligible for the following time off benefits:
• Vacation - up to 120 hours per calendar year
• Sick time - up to 40 hours per calendar year; for employees who reside in the State of Washington - up to 56 hours per calendar year
• Holiday pay, including Floating Holidays - up to 13 days per calendar year of Work, Personal and Family Time - up to 40 hours per calendar year
• Additional information can be found through the link below. https://www.careers.jnj.com/employee-benefits