Business Information Security Support

New Brunswick, NJ - USA

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

Project Title: Business Information Security Support for Technology Services
Work Location: Onsite in New Brunswick NJ (5 days/week)
Duration: 1 Year (Estimated)

Key Services & Deliverables

Service / Deliverable	Frequency	Due Date / Cadence	Acceptance Criteria
Secure by Design Consulting Support new implementations by assessing security controls using standard security user stories. Perform security-related SDLC work.	Weekly (On Demand)	Varies by product scope	SDLC documentation reviewed in Asset Management. Security user stories completed. Assessment submitted to Assessment COE.
Due Diligence Requests Conduct risk management and mitigation work for third-party vendors.	Weekly (On Demand)	Varies by assessment	Risks reviewed with Assessment COE. Risk treatment approach defined. Remediation plan and compensating controls documented with business owner.
Physical Site Assessments Support physical site assessments for J&J enterprise data centers.	Annual (Per Site)	Defined upon request	Site assessment form completed in IRIS GRC module and aligned with S-23 IAPP.
Security Risk Acknowledgment & Action Planning (S-RAAP)	Monthly (On Demand)	Intake: < 7 days Analyze: < 7 days Respond: < 7 days	Completed IRIS GRC IPT ticket. Presentation of findings and risk management decisions.
Ad-Hoc Security Control Consultations (via IRIS Service Requests)	Daily (On Demand)	Ongoing	90% of demand marked In-Progress or Completed. Value documented for each Service Request Task ticket.
Acquisitions & Divestitures (A&D) Work Review and adapt A&D templates. Support SDLC tasks for acquired entities.	Monthly (On Demand)	Per A&D project plan	Tasks completed per project timeline and A&D plan.
Monthly BIS Leadership Reporting Create reports summarizing IRIS tasks demand sources and support needs.	Monthly	First Friday of each month	Accurate and timely reporting to Corp BIS leadership.

Project Title: Business Information Security Support for Technology Services Work Location: Onsite in New Brunswick NJ (5 days/week) Duration: 1 Year (Estimated) Key Services & Deliverables Service / Deliverable Frequency Due Date / Cadence Acceptance Criteria Secure by Desi...

Project Title: Business Information Security Support for Technology Services
Work Location: Onsite in New Brunswick NJ (5 days/week)
Duration: 1 Year (Estimated)

Key Services & Deliverables

Service / Deliverable	Frequency	Due Date / Cadence	Acceptance Criteria
Secure by Design Consulting Support new implementations by assessing security controls using standard security user stories. Perform security-related SDLC work.	Weekly (On Demand)	Varies by product scope	SDLC documentation reviewed in Asset Management. Security user stories completed. Assessment submitted to Assessment COE.
Due Diligence Requests Conduct risk management and mitigation work for third-party vendors.	Weekly (On Demand)	Varies by assessment	Risks reviewed with Assessment COE. Risk treatment approach defined. Remediation plan and compensating controls documented with business owner.
Physical Site Assessments Support physical site assessments for J&J enterprise data centers.	Annual (Per Site)	Defined upon request	Site assessment form completed in IRIS GRC module and aligned with S-23 IAPP.
Security Risk Acknowledgment & Action Planning (S-RAAP)	Monthly (On Demand)	Intake: < 7 days Analyze: < 7 days Respond: < 7 days	Completed IRIS GRC IPT ticket. Presentation of findings and risk management decisions.
Ad-Hoc Security Control Consultations (via IRIS Service Requests)	Daily (On Demand)	Ongoing	90% of demand marked In-Progress or Completed. Value documented for each Service Request Task ticket.
Acquisitions & Divestitures (A&D) Work Review and adapt A&D templates. Support SDLC tasks for acquired entities.	Monthly (On Demand)	Per A&D project plan	Tasks completed per project timeline and A&D plan.
Monthly BIS Leadership Reporting Create reports summarizing IRIS tasks demand sources and support needs.	Monthly	First Friday of each month	Accurate and timely reporting to Corp BIS leadership.