Sr. Manager, Supply Chain Cybersecurity

At Johnson & Johnsonwe believe health is everything. Our strength in healthcare innovation empowers us to build aworld where complex diseases are prevented treated and curedwhere treatments are smarter and less invasive andsolutions are our expertise in Innovative Medicine and MedTech we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow and profoundly impact health for more at .

As guided by Our Credo Johnson & Johnson is responsible to our employees who work with us throughout the world. We provide an inclusive work environment where each person is considered as an individual. At Johnson & Johnson we respect the diversity and dignity of our employees and recognize their merit.

Job Function:

Job Sub Function:

Job Category:

All Job Posting Locations:

Job Description:

We are searching for top talent for Sr. Manager Supply Chain Cybersecurity to support the Surgery Supply Chain Information Security & Risk Management (ISRM) organization. This position can be based in the following locations:

United States: Raritan NJ; Athens GA; San Angelo TX

Puerto Rico: San Lorenzo

Mexico: Juarez

Brazil: Sao Jose Dos Compos

Remote candidates in these countries will be considered on a case-by-case basis and if approved by the company.

Please note that this role is available across multiple countries and may be posted under different requisition numbers to comply with local requirements. While you are welcome to apply to any or all of the postings we recommend focusing on the specific country(s) that align with your preferred location(s):

US and Puerto Rico: R-064012

Mexico and Brazil: R-069704

This candidate will have a diverse background with strong business acumen technology and security expertise. He/she will be a strategic thinker who leads with impact inclusively driving intentional change proactively and be result driven keeping up with industry trends in cybersecurity. This role will embed directly with our J&J Technology and MedTech Supply Chain teams providing the security posture and the end-to-end security portfolio/capability roadmap to improve identify and remediate cyber security vulnerabilities.

You will manage and inspire a team of 2 team members and work across ISRM demonstrating authentic leadership driving results and showing dedication to our Credo. Your site scope includes global cyber security responsibility for 19 internal Manufacturing sites (IT/OT) and Application Security of 690 applications inclusive of Sarbanes-Oxley.

Responsibilities:

• Provide early/proactive engagement with project teams to drive business understanding and execution of the security capabilities and services needed for the project; End to end support for large programs.
• Perform cybersecurity risk assessments of IT/OT assets within the manufacturing sites.
• Drive cybersecurity capability adoption across Surgery sites to secure IT/OT assets and enable safe & secure innovation.
• Provide tailored security guidance (based on risk and complexity) - Interpret & apply the internal security requirements and standards for unique IT/OT (Operational Technology) initiatives and innovative or OT Specific technologies.
• Lead the cyber operational portfolio from identification > consulting remediation plan > completion partnering across ISRM business and technology teams.
• Establish data analytics to provide security posture across Surgery business units functions and sites.
• Proactively promote the importance of cybersecurity across the sector and sites.
• Assist the Security Operations Center (SOC) with security incident investigation activities; work closely with business teams to support affected users and provide liaison with central investigation team.
• Drive business understanding of critical cybersecurity regulations and ensuring solutions are compliant (NIST NIS2 Safe Data etc.).
• Support the global deployment of security initiatives with awareness sessions identify alternative ways of working to avoid business disruptions and review exception requests
• Provide audit support as the liaison between audit technology and business functions from pre-work to consulting remediation plans.

Qualifications:

• 8 years of related experience in leadership and execution roles within Cybersecurity with background in Supply Chain required.
• Bachelors degree in computer science information technology business administration or another rigorous discipline is required. MBA preferred.
• 6 years of hands-on experience in delivering technology; and cybersecurity design and capabilities required.
• Certifications in cybersecurity (CISM CISSP ISA-62443) audit (CISA) manufacturing or risk management (CRISC) are preferred.
• Excellent communication and collaboration skills able to network interface and influence at all levels of the organization cross sector cross-functionally and globally.
• Strategic mindset to develop capability roadmaps that will enable proactive reliability through data & automation.
• Experience in working/securing various levels of the enterprise architecture (data application host middleware network Infrastructure).
• Solid understanding of current security threats mitigation measures and security vendors/technologies.
• Strong understanding of security data protection and capabilities in a manufacturing and/or distribution site is required.
• Direct working and/or supporting experience of Supply Chain applications is required; Sarbanes-Oxley compliance and audit is preferred.
• Understanding of ISA/IEC 62443 NIST 800-53 and NIST 800-82 required
• Leading diverse team members with varying cybersecurity experience and proficient in resource allocation and planning to meet business needs.
• Big picture perspective and attention to detail focus to align strategic and tactical security aspects.
• Ability to collaborate network and influence all levels of the organization cross sector cross-function and global and establish oneself as an inspiring leader with expertise in space.
• AI Fluency and background In AI use cases preferred

This role may require up to 10% domestic and international travel.

Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity age national origin disability protected veteran status or other characteristics protected by federal state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.

Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants needs. If you are an individual with a disability and would like to request an accommodation external applicants please contact us via internal employees contact AskGS to be directed to your accommodation resource.

Required Skills:

Preferred Skills: