At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are more thoughtful and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at https://www.jnj.com.
Diversity, Equity & Inclusion are essential to continue building our history of groundbreaking and innovation, which has been impacting the health of more than 1 billion patients and consumers every day for more than 130 years. Regardless of your race, belief, sexual orientation, religion, or any other trait, YOU are welcome in all open positions at the largest healthcare company in the world.
Want more jobs like this?
Get jobs in Raritan, NJ delivered to your inbox every week.
When You Join Johnson & Johnson, Your Move Could Mean Our Next Breakthrough!
We are searching for the best talent for a Senior Manager, Business Information Security, TO&R to partner with the Technology Operations and Risk organization, located, in the New Jersey/Pennsylvania area of the United States.
As a part of the Information Security Risk Management (ISRM) organization, this role will advance the security program which covers Johnson and Johnson's supply chain and research and development environments to protect our patients and critical operations. The lead will ensure strong controls are in place at our sites for applications, infrastructure, critical digital assets and for our third-party vendors.
The Senior Manager, Business Information Security, TO&R will play a meaningful role to:
Drive Cyber Trust and Security by Design through consulting, engagement, and assurance. Support the strategy for embedding cyber security into business initiatives, improving risk posture, secure critical intellectual property, protect critical assets, improve site security, and enhance business resiliency.
This role will also provide cybersecurity assurance for the Technical Operations & Risk organization with a focus on Procurement. The role will provide security consulting services with key partners on pivotal initiatives for the organization.
Major Duties & Responsibilities include:
- Drive the adoption of security industry best-practices, J&J security standards and capabilities to ensure that critical information and assets are protected from cyber threats.
- Provide assurance leadership on the cybersecurity risk posture of capabilities; including, security consulting, design reviews, ranking risks, and thought leadership on remediation.
- Plan and prioritize the integration of security measures in business projects during the design, development, and deployment phases. Enable ISRM capabilities for the business including awareness, business impact, exceptions handling (e.g., Safe Data, Entra).
- Provide metrics and reporting to senior ISRM and Business leadership on status of compliance to cybersecurity IAPP requirements and risks, as well as support regulatory requirements eg. SOX 404, internal and external audits.
- Facilitate education and training to the organization on cybersecurity procedures and controls.
- Partner on budget planning and provide financial recommendations to improve the security posture and drive critical risk management.
Qualifications
- A bachelor's degree in technology, cybersecurity and/or other technical subject area is required
- Experience have managed cybersecurity in life sciences environments is preferred
- Deep understanding of cybersecurity controls and concepts required
- Solid grasp of current security threats, mitigation measures and security vendors/technologies are required
- Ability to influence different audiences and drive Adoption of Enterprise Secure Software Development Processes and Tools preferred
- Ability to prioritize activities to deliver Security by Design and Comprehensive, Effective Risk Management required
- Experience working in a fast-paced environment is required
- Experience with SOX 404 controls is preferred
- Creative problem-solving skills and understanding of complex environments (data, application, middleware, network) is preferred
- Previous experience developing effective and strong partnerships is required
- Superb communication and partnership skills with the ability to network and influence all levels is required
- Working with Third Party vendors supporting IT solutions is in scope and required for the job
- Minor interactions with regulatory bodies as needed is required
The anticipated base pay range for this position is $118,000 to $203,550.
The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation's performance over a calendar/performance year. Bonuses are awarded at the Company's discretion on an individual basis. • Please use the following language:
- Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance.
- Employees may be eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)).
- Employees are eligible for the following time off benefits:
- Vacation - up to 120 hours per calendar year
- Sick time - up to 40 hours per calendar year; for employees who reside in the State of Washington - up to 56 hours per calendar year
- Holiday pay, including Floating Holidays - up to 13 days per calendar year of Work, Personal and Family Time - up to 40 hours per calendar year
- Additional information can be found through the link below. https://www.careers.jnj.com/employee-benefits
The compensation and benefits information set forth in this posting applies to candidates hired in the United States. Candidates hired outside the United States will be eligible for compensation and benefits in accordance with their local market.