Senior Manager A&D Cybersecurity

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at ;br>
Job Function:
Technology Enterprise Strategy & Security

Job Sub Function:
Security & Controls

Job Category:
People Leader

All Job Posting Locations:
Albuquerque, New Mexico, United States of America, Albuquerque, New Mexico, United States of America, Alexandria, Virginia, United States, Anchorage, Alaska, United States, Atlanta, Georgia, United States, Austin, Texas, United States, Baltimore, Maryland, United States, Bangor, Maine, United States, Birmingham, Alabama, United States, Bismarck, North Dakota, United States, Boise, Idaho, United States, Boston, Massachusetts, United States of America, Burlington, Vermont, United States, Charleston, West Virginia, United States, Charlotte, North Carolina, United States, Chicago, Illinois, United States, Columbia, South Carolina, United States, Columbus, Ohio, United States, Denver, Colorado, United States, Des Moines, Iowa, United States, Detroit, Michigan, United States, Dover, Delaware, United States, Fayetteville, Arkansas, United States, Hartford, Connecticut, United States, Helena, Montana, United States {+ 25 more}

Job Description:

The Senior Manager, A&D Security at Johnson & Johnson is responsible for ensuring the security and integrity of the organization's acquisitions and divesture (A&D) (M&A) activities globally. This role involves developing and implementing robust security strategies to protect sensitive data and assets during critical business activities, conducting detailed cyber security due diligence assessments, and driving comprehensive security plans for newly acquired or divested J&J companies.

This position is eligible to work anywhere in the United States, but is required to work a hybrid schedule and report to a J&J office.

Key Responsibilities:

• Integration Leadership: Serve as the integration lead for Information Security Risk Management (ISRM) workstreams and take ownership for designated integrations and divestments.
• Define Security Policies: Create and implement security policies, standards, and procedures tailored for the merged companies.
• Complete Security Integration Plans: Develop and implement detailed security integration strategies for supported entities
• Conduct Assessments: Perform cyber security due diligence evaluations on acquisition and divestiture targets.
• Secure our acquisitions/divestures: :Lead implementing and maintain monitoring and reporting processes and technologies (hands on) to ensure A&D activities risks are managed

Qualifications

Education:

• BA/BS or equivalent work experience, Prefered in Computer Sciences / Information Security

Experience and Skills:

Required:

• In-depth understanding and knowledge of cyber security frameworks, standards, regulations, and best practices, such as NIST Cybersecurity Framework, ISO 27001, GDPR, and industry-specific requirements.
• Experience in conducting thorough cyber security due diligence assessments for A&D (M&A) targets, evaluating target companies' security postures, identifying vulnerabilities and risks, and assessing the impact of acquisitions on overall security frameworks.
• Deep understanding of cybersecurity controls and concepts with demonstrated ability of at least 7 years of meaningful experience
• Technical depth and breath, with ability to "roll up the sleeves" and perform technical integrations of security technologies and processs where required in an ambiguous environment
• Ability to lead direct reports or cross-functional matrixed efforts with limited to no oversight and ability to drive in complex and ambiguous scenarios

Preferred:

• Experience in leading cybersecurity in life sciences environments
• Creative problem-solving skills and understanding of complex environments (data, application, middleware, network)
• Security certifications such as CRISC, CISSP, CCSP, ISSAP, CISM, etc.
• Experienced knowledge of COBIT and / or ITIL

Other:

• 10% Travel domestic and/or international required

Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.

Johnson and Johnson is committed to providing an interview process that is inclusive of our applicants' needs. If you are an individual with a disability and would like to request an accommodation, please email the Employee Health Support Center () or contact AskGS to be directed to your accommodation resource.

The anticipated base pay range for this position is :
$120,000-$207,000

Additional Description for Pay Transparency:
Subject to the terms of their respective plans, employees and/or eligible dependents are eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance. Subject to the terms of their respective plans, employees are eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)). Subject to the terms of their respective policies and date of hire, Employees are eligible for the following time off benefits: Vacation -120 hours per calendar year Sick time - 40 hours per calendar year; for employees who reside in the State of Washington -56 hours per calendar year Holiday pay, including Floating Holidays -13 days per calendar year Work, Personal and Family Time - up to 40 hours per calendar year Parental Leave - 480 hours within one year of the birth/adoption/foster care of a child Condolence Leave - 30 days for an immediate family member: 5 days for an extended family member Caregiver Leave - 10 days Volunteer Leave - 4 days Military Spouse Time-Off - 80 hours Additional information can be found through the link below.