Senior Manager MedTech Cybersecurity

At Johnson & Johnsonwe believe health is everything. Our strength in healthcare innovation empowers us to build aworld where complex diseases are prevented treated and curedwhere treatments are smarter and less invasive andsolutions are our expertise in Innovative Medicine and MedTech we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow and profoundly impact health for more at

Job Function:

Job Sub Function:

Job Category:

All Job Posting Locations:

Job Description:

Johnson and & Johnson through its operating companies is the worlds most comprehensive and broadly-based manufacturer of health care products as well as a provider of related services for the consumer pharmaceutical and medical device markets. We strive to provide scientifically sound high-quality products and services to help heal cure disease and improve the quality of life.

Do you want to be part of an organization that is thriving on a diverse company culture celebrating the uniqueness of our employees and committed to inclusion Then join us! We are proud to be an equal opportunity employer.

The Sr. Manager Cybersecurity Medtech Vision is a results-oriented self-starter who enjoys a fast-paced environment and is looking for opportunity to influence change in an established organization. They will have responsibility for all aspects of identifying and managing security risk and serve as the focal point for all information protection matters. This role will be part of the Johnson & Johnson Information Security and Risk Management (ISRM) team focusing on the Vision Business Unit (BU) within the MedTech sector and will be located in EMEA Dublin Beerse or Warsaw North America Jacksonville (FL)

Key Responsibilities:

• Serve as the focal point for all information asset protection matters for the Vision MedTech BU Globally and/or cross-BU for a particular region for which they are responsible.

• Be accountable for promoting information security within the BU and/or region including ensuring processes procedures and other activities are defined and implemented to meet the requirements of the Information Asset Protection Policies (IAPPs).

• Drive End-to-end Cyber Trust and Security by Design through consulting engagement and assurance. Support the strategy for embedding cyber security into business initiatives improving risk posture secure critical intellectual property protect sensitive assets improve site security and enhance business resiliency.

• Serve as the ISRM liaison and have direct interaction with sector personnel IT and business leaders.

• Provide expertise in Information Security & Risk Management to ensure that technology solutions meet all requirements and standards.

• Consult with project teams to determine applicability of various global and local regulations security standards and certifications incl. but not limited to NIST NIS2 SOX ISO27001 etc.

• Drive the adoption of security industry best-practices J&J security standards and capabilities with a focus on MedTech Vision to ensure that critical information and assets are protected from cyber threats.

• Drive risk remediation of identified cybersecurity issues.

• Provide strong leadership in driving the cybersecurity risk posture of business capabilities incl. security consulting design reviews risk prioritization advice and assurance on remediation.

• Support vulnerability management third party risk remediation and cyber incidents investigations as needed.

• Business Engagement to drive user acceptance and support of global ISRM initiatives and Business programs providing overall consulting on security by design.

• Enable ISRM capabilities for the business including awareness business impact exceptions handling

• Coordinate with IT Quality Assurance Regulatory Affairs Global Audit and Assurance and business partners to ensure audit readiness and to prepare for internal and external audits.

• Support for cybersecurity and internal control readiness for Internal and External audits.

• Deliver training and awareness to business teams on key cybersecurity concepts

• Provide metrics and reporting to ISRM and Business leadership on status of compliance to cybersecurity IAPP requirements and risks

• Participate in BU planning to ensure the integration of security measures and remediations in business plans and projects during the design development and deployment phases to ensure confidentiality integrity and availability of applications and data are adequately protected against cybersecurity threats.

• Provide expert guidance in Cybersecurity & Risk Management to ensure that technology solutions meet all requirements and standards.

Qualifications:

Education:

• A Bachelors degree or equivalent. A major in Cybersecurity or Computer Science is highly preferred.

Experience and Skills:

Required:

• A minimum of 10 years of experience in Information Security & Risk Management and/or IT.

• Previous experience developing effective and strong partnerships along with relationship building skills with business leaders and partners.

• Solid understanding of current security threats mitigation measures and security vendors/technologies.

• Experience in design and implementation of enterprise security cloud security and/or development of IT solutions or services to protect data application host middleware network Infrastructure.

• Experience working in complex fast-paced environments.

• Experience supporting leading and influencing security assessments (e.g. SOC Type 2 reporting PCI ISO 27001).

• Big Picture Thinking / Attention to Detail align strategic and tactical

• Passion for leading and influencing people

• Results Orientation and ability to drive to short timelines.

• Creative problem-solving skills.

• Customer focus (internal & external).

• Superb communication social and collaboration skills able to network and influence various levels of the organization across sectors functions and markets.

• Demonstrable ability to influence/collaborate to get to desired result.

Preferred:

• Experience with implementation or review of compliance with international security standards or regulations.

• Security certifications such as CISSP CCSP ISSAP CISM etc.

Other:

• Fluency in English and preferably proficiency in another language.

Required Skills:

Preferred Skills: