Supply Chain Deliver Security Senior IT Manager.

Job content

Johnson & Johnson, Inc. is recruiting for a Supply Chain Deliver Senior IT Security Manager, located in Raritan, NJ, or other locations as listed.

As a member of the Information Security Risk Management Supply Chain group, the Senior Manager supports and implements the security program which spans Johnson and Johnson’s distribution centers, contact centers, and vendors globally, including application security, infrastructure security and third-party vendor risk. They are also responsible for handling 3rd party application audits and ensuring SOX applications remain in good standing. Improving our cybersecurity posture remains a top priority for Supply Chain, and this role is a key player to craft strategy and drive improvements across our application landscape.

Key Responsibilities

Lead the execution of the cybersecurity program for DELIVER, including:

• Manage complex network of senior partners in the region across both Logistics and Customer Connectivity product lines, Technology Services, Regional Deliver Business Technology Leaders, regional application teams, compliance groups and others.
• Plan and prioritize work based on business value across product lines balancing risk and available resource, including project work, ongoing assessments of customer call centers, applications, and vendors as well as periodic renewals of contracts, risk registers, system and network inventories, external network connections, etc...
• Provide security SME consulting and security architecture guidance on technology projects. Contribute SME knowledge to help shape the strategy and security program for J&J Customer facing and future cloud IT solutions.
• Acquire agreement, schedule, and then perform assessments of cyber security risk posture of logistics technology, sites, and vendors. Rank risks, provide solution/remediation recommendations and influence adoption.
• Lead development and adoption of metrics and dashboards to enable effective management of risk
• Handle 3rd party application audits and ensuring SOX applications remain in good standing.
• Lead program to assess and perform design reviews of solutions and environments, actioning the output of scanning tools and penetration testing to improve risk posture.
  
  

Continuously Improve The Cyber Security Program, For Example

• Support identification and implementation of security tools and design patterns (e.g., IDR, AV, SIEM, deception technology).
• Develop technical standards and associated training materials and implementation guidance.
• Drive process improvements and efficiency gains to increase value from existing resources
• Actively watch new threats and vulnerabilities, collaborate with IT and Engineering and business teams on appropriate actions to address them
  
  

Develop team members and establish a network of security champions within the DELIVER organization.

Education

Qualifications

Bachelor of Science of Computer Science or Information Security, MS in Information security preferred

Required

Experience and Skills:

• 8+ years working in IT and/or Engineering with a security focus is required, including hands-on implementation level understanding of key security technologies and controls (e.g., access control, IDP/IDR, anti-malware, patch management, encryption technologies, forensics etc.)
• Experience analyzing IT Technology architecture to identify security gaps and crafting solutions.
• Experience performing security audits and assessments based on technical security frameworks such as NIST 800-53/800-82, ISO 27001, IEC 62433, RG 5.71, NEI 08-09, etc.
• Solid grasp of the security landscape including trends in process, tooling and threats.
• Consistent record of working within large projects and prioritizing multiple areas.
• Big Picture/Attention to Detail – align strategic and tactical security aspects.
• Results Orientation – creatively lead the team to deliver against timelines.
• Superb communication and creative problem-solving skills.
• Ability to collaborate and influence a diverse group of customers at all levels of the organization, cross sector, cross-functionally and globally required.
• Demonstrable ability to influence/collaborate to get to desired result required, and establish oneself as an inspiring leader with expertise in the space.
  
  

The location is flexible NA, LATAM and EMEA and may require 10-15% travel.

Preferred

• Understanding of cloud, virtualized environments and emerging digital capabilities.
• Hands-on experience of integration with hospitals and health-care environments.
• Experience of penetration testing and tools
• Experience working with incident response team
  
  

Other

• 10% - 15% travel, including international
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or other relevant certifications preferred
  
  

At Johnson & Johnson, we’re on a mission to change the trajectory of health for humanity. That starts by creating the world’s healthiest workforce. Through cutting-edge programs and policies, we empower the physical, mental, emotional and financial health of our employees and the ones they love. As such, depending on location and subject to local legislation, candidates offered employment may be required to show proof of COVID-19 vaccination or, in certain countries, secure an approved accommodation prior to the commencement of employment to support the well-being of our employees, their families and the communities in which we live and work. If you are invited to interview for the position, your recruiter will advise on the vaccine requirement status in your geographic location.

Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

For more information on how we support the whole health of our employees throughout their wellness, career and life journey, please visit www.careers.jnj.com.

Primary Location

United States-New Jersey-Raritan-1003 US HIghway 202

Other Locations

Latin America-Brazil-São Paulo, Switzerland-Zug-Zug, Europe/Middle East/Africa-Ireland-Cork-LittleIsland, United States-Pennsylvania-Horsham, United States-Pennsylvania-Spring House, Belgium-Antwerp-Beerse

Organization

Johnson & Johnson Services Inc. (6090)

Job Function

Info Technology

Requisition ID

2206048431W