Cybersecurity Change Management & Communications Manager

At Johnson & Johnsonwe believe health is everything. Our strength in healthcare innovation empowers us to build aworld where complex diseases are prevented treated and curedwhere treatments are smarter and less invasive andsolutions are our expertise in Innovative Medicine and MedTech we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow and profoundly impact health for more at

Job Function:

Job Sub Function:

Job Category:

All Job Posting Locations:

Job Description:

The Johnson & Johnson Information Security Risk Management (ISRM) team is seeking a highly motivated and dynamic individual for a Cybersecurity Change Management & Communications Manager position to lead adoption of cybersecurity initiatives within ISRM minimize operational disruption from security changes and ensure clear timely communications to technical and non-technical stakeholders.

This role combines change management discipline communications strategy and cybersecurity domain knowledge to drive secure behavior accelerate program adoption and sustain risk-reducing changes across the organization.

In this role you will design and execute change management strategies for cybersecurity programs and create and deliver targeted communication plans supporting the rollout of cybersecurity programs including messaging about security initiatives and impacts incident communications coordination and stakeholder engagement across technical and non-technical audiences.

This role requires an articulate self-starter highly comfortable in facilitating cross-stakeholder teams towards identifying change impacts and risks communicating those changes and risks with leadership and capturing measurements showing process adoption and effectiveness.

Responsibilities

Change Strategy & Planning

• Develop and execute an end-to-end change management approach for technical cybersecurity changes including stakeholder identification impact assessments and communication planning.
• Collaborate with ISRM leadership and project teams to align change strategies with organizational goals.
• Develop change management roadmap including milestones timelines & deliverables.
• Prepare and present reports on change management activities and outcomes to senior leadership and stakeholders.
• Coordinate translation of communication documents into various languages.

Communications

• Develop executive-level presentations and reports on change progress and outcomes.
• Ensure all communication materials are accurate accessible and translated as needed.
• Create clear targeted communication packages (FAQs playbooks transition guides) for technical changes.
• Prepare executive-level security communications and presentations.
• Create targeted security communications and ad-hoc security communications for internal and external audiences.

Metrics & Reporting

• Track and report adoption metrics stakeholder engagement and overall change effectiveness.
• Identify resistance points and implement mitigation strategies.
• Conduct lessons learned sessions to continuously improve change processes.
• Reduction in security-related helpdesk tickets after rollouts (or resolution time)
• Number of change-related incidents or rollback events

Service Management

• Build strong relationships with cross-functional teams and senior leaders to drive buy-in
• Serve as a trusted advisor on change management best practices for technical initiatives
• Conduct lessons learned assessments to evaluate the success of rolled-out changes and identify areas for improvement.
• Resolve resource constraints and dependencies across multiple workstreams
• Ensure adherence to J&J established processes (Nexus Product and Service Model etc.)
• Deliver presentations to senior leadership management and team members

Qualifications

Required

• Bachelors degree in information security Communications IT or related fields
• 5 years of experience in change management communications or program management with at least 23 years focused on cybersecurity or IT security initiatives
• Demonstrated success creating measurable change and communications plans for technical initiatives across large matrixed organization
• Organizational sensitivity and risk-awareness
• Familiarity with ADKAR methodology and technical environments
• Strong written and verbal communication skills with the ability to translate technical security topics for non-technical audiences
• Experience working with cross-functional teams including Security Operations IT Risk & Compliance
• Ability to simplify complex technical concepts for diverse audiences
• Experience managing change in fast-paced global organizations.
• Self-motivated and able to lead independently

Preferred

• Preferred working history in life-sciences
• Knowledge of Cybersecurity or other Security and Compliance experience
• Working knowledge of JIRA
• Basic project management skills and familiarity with Agile delivery approaches.
• Data-driven mindset; ability to produce and interpret adoption dashboards and metrics.
• Familiarity with security frameworks and controls (NIST CSF ISO 27001 CIS Controls).
• Experience with communication and collaboration platforms (e.g. Microsoft 365 Slack SharePoint LMS email marketing platforms).
• Certifications (Prosci Certified Change Practitioner ACMP or equivalent change-management certification) a plus
• Security certifications such as CISSP CISM or CompTIA Security (preferred but not required)

Required Skills:

Preferred Skills: