A&D Cybersecurity Manager

At Johnson & Johnsonwe believe health is everything. Our strength in healthcare innovation empowers us to build aworld where complex diseases are prevented treated and curedwhere treatments are smarter and less invasive andsolutions are our expertise in Innovative Medicine and MedTech we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow and profoundly impact health for more at

Job Function:

Technology Enterprise Strategy & Security

Job Sub Function:

Security & Controls

Job Category:

Scientific/Technology

All Job Posting Locations:

Alexandria Virginia United States Alexandria Virginia United States Anchorage Alaska United States Annapolis Maryland United States Atlanta Georgia United States Austin Texas United States Bangor Maine United States Bellingham Washington United States Billings Montana United States Birmingham Alabama United States Boise Idaho United States Boston Massachusetts United States of America Burlington Vermont United States Charleston South Carolina United States Charleston West Virginia United States Chattanooga Tennessee United States Columbus Ohio United States Concord New Hampshire United States Denver Colorado United States Detroit Michigan United States Dover Delaware United States Fargo North Dakota United States Fayetteville Arkansas United States Hartford Connecticut United States Honolulu Hawaii United States 25 more

Job Description:

At Johnson & Johnson the A&D Security manager role is a cornerstone of our acquisition and divestiture strategy driving the implementation of cutting-edge security measures to protect our business. This position supports cybersecurity assessments to pinpoint vulnerabilities in potential targets and partners with cross-functional teams to embed robust security controls. By aligning with Johnson & Johnsons security framework this role safeguards critical data and assets throughout the A&D process directly fueling the success of our strategic goals.

This position is eligible to work anywhere in the United States but is required to work a hybrid schedule and report to a J&J office.

Key Responsibilities:

• Implementation: Execute security strategies that support A&D objectives driving effective delivery of initiatives across the lifecycle of an integration or divesture.
• Manage Daily Operations: Lead all aspects of workflows to maintain consistent ties with security standards and business objectives
• Identify Risks and Impacts: Detect vulnerabilities and assess their financial implications to inform remediation plans and deal terms.
• Conduct Assessments: Assist in initial evaluations and cybersecurity due diligence on A&D targets to identify risks early
• Secure our acquisitions/divestures: Implement and maintain monitoring and reporting processes and technologies (hands on) to ensure A&D activities risks are managed

Qualifications

Education:

• BA/BS or equivalent work experience Prefered in Computer Sciences / Information Security

Experience and Skills:

Required:

• Cybersecurity Expertise: Proficiency in frameworks regulations and standard methodologies including NIST CSF ISO 27001 and GDPR.
• Threat Management: In-depth knowledge of cybersecurity controls current threats and effective mitigation techniques.
• Analytical Acumen: Solid skills in analyzing complex data and solving problems to support informed strategic decisions.
• Communication Mastery: Exceptional written and verbal skills to collaborate effectively with diverse partners
• Technical Proficiency: Hands-on experience with risk assessment tools and security monitoring technologies with 3 years of demonstrated ability
• Vendor Oversight: Validated ability to lead vendor relationships and conduct third-party risk assessments.
• Adaptability: Agility in responding to evolving cybersecurity technologies and threats.

Preferred:

• Possession of relevant certifications such as CRISC CISSP CCSP ISSAP CISM or CASP.
• Hands-on experience with cybersecurity technologies including firewalls intrusion detection/prevention systems (IDS/IPS) and encryption solutions.
• Experience in the cybersecurity aspects of mergers and acquisitions including due diligence integration planning and compliance with data privacy regulations such as CCPA HIPAA and GDPR.
• Proficiency in security management tools (e.g. SIEM systems vulnerability scanners identity management solutions).
• Familiarity with project management methodologies (e.g. Agile Waterfall) to support security initiatives.
• Expertise in applying risk management frameworks and methodologies (e.g. NIST RMF ISO 31000) to assess and mitigate cybersecurity risks particularly in the context of acquisitions and divestitures.
• Practical experience in cloud security principles and practices with a focus on major platforms like AWS Azure or Google Cloud.

Other:

• 10% Travel domestic and/or international required

Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity age national origin disability protected veteran status or other characteristics protected by federal state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.

Johnson and Johnson is committed to providing an interview process that is inclusive of our applicants needs. If you are an individual with a disability and would like to request an accommodation please email the Employee Health Support Center () or contact AskGS to be directed to your accommodation resource.

The anticipated base pay range for this position is :

$100000-$172500

Additional Description for Pay Transparency:

Subject to the terms of their respective plans employees and/or eligible dependents are eligible to participate in the following Company sponsored employee benefit programs: medical dental vision life insurance short- and long-term disability business accident insurance and group legal insurance. Subject to the terms of their respective plans employees are eligible to participate in the Companys consolidated retirement plan (pension) and savings plan (401(k)). Subject to the terms of their respective policies and date of hire Employees are eligible for the following time off benefits: Vacation 120 hours per calendar year Sick time - 40 hours per calendar year; for employees who reside in the State of Washington 56 hours per calendar year Holiday pay including Floating Holidays 13 days per calendar year Work Personal and Family Time - up to 40 hours per calendar year Parental Leave 480 hours within one year of the birth/adoption/foster care of a child Condolence Leave 30 days for an immediate family member: 5 days for an extended family member Caregiver Leave 10 days Volunteer Leave 4 days Military Spouse Time-Off 80 hours Additional information can be found through the link below. Experience:

Manager