Sr Manager, Cybersecurity - Supply Chain

at J&J Family of Companies in Springfield, Illinois, United States

Job Description

Sr Manager, Cybersecurity – Supply Chain – 2406201293W

Description

Johnson & Johnson is currently seeking a Sr. Manager for Surgery Supply Chain business units’ part of Information Security & Risk Management (ISRM) organization. This position can be based in Raritan, New Jersey or remotely in the US, Mexico or Brazil.

This candidate will have a diverse background with strong business acumen, technology, and security expertise. He/she will be a strategic thinker who leads with impact inclusively, driving intentional change proactively, and be result driven keeping up with industry trends in cybersecurity. This role will embed directly with our J&J Technology and MedTech Supply Chain teams providing the security posture and the end-to-end security portfolio/capability roadmap to improve, identify, and remediate cyber security vulnerabilities.

You will manage and inspire a team of 1-2 team members and work across ISRM demonstrating authentic leadership, driving results, and showing dedication to our Credo. Your site scope includes global cyber security responsibility for 19 internal Manufacturing sites (IT/OT) and Application Security of 690 applications inclusive of Sarbanes-Oxley.

Responsibilities:

• Provide early/proactive engagement with project teams to drive business understanding and execution of the security capabilities and services needed for the project; End to end support for large programs.

• Drive the OT capability and drive Cyber Security Risk Index (CSRI) security adoption across Surgery sites to secure IT/OT assets and enable safe & secure innovation.

• Provide tailored security guidance (based on risk and complexity) – Interpret & apply the IAPP requirements and standards for unique IT/OT (Operational Technology) initiatives and innovative or OT Specific technologies.

• Lead the cyber operational portfolio from identification > consulting remediation plan > completion partnering across ISRM, business, and technology teams.

• Establish data analytics to provide security posture across Surgery business units, functions, and sites.

• Proactively promote the importance of cybersecurity across the sector and sites.

• Assist the Security Operations Center (SOC) with security incident investigation activities; work closely with business teams to support affected users and provide liaison with central investigation team.

• Drive business understanding of critical cybersecurity regulations and ensuring solutions are compliant (NIST, NIS2, Safe Data, etc.).

• Support the global deployment of security initiatives with awareness sessions, identify alternative ways of working to avoid business disruptions, and review exception requests

• Provide audit support as the liaison between GAA/JJRC and JJT/Business from pre-work to consulting remediation plans.

Qualifications

+ 8 years of related experience in leadership and execution roles within Cybersecurity with background in Supply Chain required.

+ Bachelor’s degree in computer science, information technology, business administration, or another rigorous discipline is required. MBA preferred.

+ 6 years of hands-on experience in delivering technology; and cybersecurity design and capabilities required.

+ Certifications in cybersecurity (CISM, CISSP, ISA-62443), audit (CISA), manufacturing or risk management (CRISC) are preferred.

+ Excellent communication and collaboration skills, able to network, interface and influence at all levels of the organization, cross sector, cross-functionally and globally.

+ Strategic mindset to develop capability roadmaps that will enable proactive reliability through data & automation.

+ Experience in working/securing various levels of the enterprise architecture (data, application, host, middleware, network, Infrastructure).

+ Solid understanding of current security threats, mitigation measures, and security vendors/technologies.

+ Strong understanding of security data protection and capabilities in a manufacturing and/or distribution site is required.

+ Direct working and/or supporting experience of Supply Chain applications is required ; Sarbanes-Oxley compliance and audit is preferred.

+ Understanding of IEC 62443 and NIST 800-53 required

+ Leading diverse team members with varying cybersecurity experience and proficient in resource allocation and planning to meet business needs.

+ Big picture perspective and attention to detail focus to align strategic and tactical security aspects.

+ Ability to collaborate, network and influence all levels of the organization, cross sector, cross-function and global and establish oneself as an inspiring leader with expertise in space.

This position may require up to 10% travel domestic and international.

Johnson & Johnson Family of Companies are equal opportunity employers. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, protected veteran status, disability status or any other characteristic protected by law.

The anticipated base pay range for this position is $118,000 to $203,550.

The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation’s performance over a calendar/performance year. Bonuses are awarded at the Company’s discretion on an individual basis.

Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance.

+ Employees may be eligible to participate in the Company’s consolidated retirement plan (pension) and savings plan (401(k)).

+ Employees are eligible for the following time off benefits:

+ Vacation – up to 120 hours per calendar year

+ Sick time – up to 40 hours per calendar year; for employees who reside in the State of Washington – up to 56 hours per calendar year

+ Holiday pay, including Floating Holidays – up to 13 days per calendar year of Work, Personal and Family Time – up to 40 hours per calendar year

+ Additional information can be found through the link below. https://www.careers.jnj.com/employee-benefits

The compensation and benefits information set forth in this posting applies to candidates hired in the United States. Candidates hired outside the United States will be eligible for compensation and benefits in accordance with their local market.

\#JNJTech

\#LI-Remote

Primary Location NA-US-New Jersey-Raritan

Other Locations Latin America-Brazil, NA-Mexico, NA-United States

Organization Johnson & Johnson Services Inc. (6090)

Job Function Multi-Family Technology Product & Platform Management

Req ID: 2406201293W