Easter Seals Jobs

Senior Director, Cybersecurity Leader - A&D - 2406202112W

Description

Johnson and Johnson is currently recruiting for a Senior Director, Cybersecurity Leader - A&D within the Johnson & Johnson Technology (JJT) organization and will be based in Raritan, NJ. Remote work options may be considered on a case-by-case basis and if approved by the company.

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated and cured, where treatments are smarter and less invasive and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow and profoundly impact health for humanity. Learn more at https://www.jnj.com/ .

As a key member of our team, this leader will play a critical role in ensuring the security and integrity of our organization's merger and acquisition activities globally. In this exciting and influential position, this individual will have the unique opportunity to lead the overall security responsibility for our A&D space and oversee all aspects of cyber security tasks during the merger and acquisition process.

A key responsibility will be to develop and implement robust security strategies and frameworks that protect our organization's sensitive data and assets during these critical business activities. This leader will work closely with business development and various teams and define the Cyber Security playbook and operationalization associated with J&J Global Acquisitions & Divestitures. By integrating deep knowledge of cyber security, strong leadership skills, and a collaborative approach, this individual will ensure that our A&D activities align with corporate risk profiles and report progress to the executive team on a regular basis. Additional responsibilities will include, but are not limited to:

• Lead the teams in conducting thorough cyber security due diligence assessments for A&D targets.

• Evaluate the target company's security posture, identifying vulnerabilities and risks.

• Define the risks and financial impact for remediation prior to final deal terms and assess the impact of the acquisition on our overall security framework.

• Develop and implement comprehensive security integration plans for acquired companies.

• Define and implement security policies, standards and procedures for the merged entities and collaborate with multi-functional teams to ensure timely integration of security controls.

• Work closely with executives and teams to ensure smooth integration of acquired entities into our security framework.

• Liaise with Business Development, JJT, Legal and other key teams to align security requirements and priorities and coordinate with relevant partners to address any potential challenges.

• Lead the planning and implementation of security controls and measures to safeguard merged and or divested systems and data.

• Partner with security architecture and information security controls teams to protect merged and divested environments through the integration period.

• Lead the deployment and monitoring of security technologies and tools, conduct regular security assessments, run incident response and develop and maintain security policies and procedures.

• Provides technical expertise to risk management activities for meeting regulatory, security and business requirements.

• Anticipates risks and issues of high technical complexity based on understanding of business trends and the goals and objectives.

• Evaluates and ensures the resolution of technically complex security issues, internal control issues, critical incidents and/or crisis resolution management, raising as necessary.

• Proactively assesses the impact of regulatory and other security and internal control changes on processes and advises senior leadership on the implications of risks and business needs.

• Shares knowledge of future trends, technology, procedures and systems in security, controls, and risk management.

• Reviews or prepares reports or documents on risk management to be communicated to TS, JJT and J&J senior management in highly complex situations.

• Experience building and working in complex organizations with ability to influence teams where resources do not all report directly into the function.

• Proven critical thinking skills, with a long-term outlook and the ability to achieve results to improve business unit performance and create a culture of accountability.

• Skilled leader with exceptional communication abilities, collaboration and relationship building skills establishing credibility and fostering multi-functional relationships.

• Advises on information security requirements, compliance and project/business constraints and creates forums, benchmarking analyses and processes that result in improvement, information sharing and innovation across J&J.

• Develops networks of internal and external business partners, suppliers, the technical/legal community, and consultants

• Oversees and reports on the effectiveness of security controls and compliance across all merged / divesting entities.

• Implement monitoring and reporting processes to ensure ongoing compliance and provide regular updates and metrics on security performance and incidents.

• Stay abreast of emerging cyber threats and proactively recommend and implement security enhancements.

• Stay current with industry trends, regulations, and emerging cyber threats and propose and drive the implementation of proactive security measures and processes.

• Provide guidance and support to the organization on cyber security practices.

• Conduct training and awareness sessions to promote cyber security awareness and advise on security-related matters and guide them towards security compliance.

Qualifications

• Bachelor’s level degree or equivalent is required, preferably within Information Technology or Information Security; an advanced degree (MBA or MS) is preferred.

• Minimum of 6 years of experience in leading technical teams, with a minimum of 14 years of related Information Risk Management experience or a combination of 12 years of combined experience.

• In-depth understanding and knowledge of cyber security frameworks, standards and regulations, such as NIST Cybersecurity Framework, ISO 27001, GDPR and industry-specific requirements.

• Prior experience in conducting thorough cyber security due diligence assessments for A&D targets, evaluating target companies' security postures, identifying vulnerabilities and risks, and assessing the impact of acquisitions on overall security frameworks.

• Solid understanding of due diligence processes and methodologies related to cyber security, including data privacy and protection, incident response, risk management, and technology integration.

• Demonstrated expertise in designing and implementing security architectures and controls to safeguard merged environments, including secure network infrastructure, access controls, encryption methods, and other security measures.

• Demonstrable experience in leading and integrating security controls across multiple systems and environments, ensuring seamless alignment with existing security frameworks and standards.

• Solid understanding of security technologies and tools, including firewalls, intrusion detection and prevention systems, data loss prevention solutions, SIEM systems, and vulnerability assessment tools.

• Experience in conducting security assessments and audits to evaluate the effectiveness of security controls and measures, identify gaps or vulnerabilities, and implement remediation plans.

• Robust knowledge of incident response and management processes, including incident investigation, containment, mitigation, and post-incident analysis.

• Strong analytical and problem-solving skills, with the ability to prioritize and balance multiple tasks in a fast-paced environment.

• Superb communication and interpersonal skills, with the ability to collaborate effectively with technical and non-technical partners.

• Effectively works with virtual, global teams – including diverse groups of people with varied backgrounds and cultural experiences.

• Up to 10% domestic and international travel will be required.

The anticipated base pay range for this position is $163,000 to $282,900. The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation’s performance over a calendar/performance year. Bonuses are awarded at the Company’s discretion on an individual basis.

• Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance.

• Employees may be eligible to participate in the Company’s consolidated retirement plan (pension) and savings plan (401(k)).

• This position is eligible to participate in the Company’s long-term incentive program.

• Employees are eligible for the following time off benefits:

• Vacation – up to 120 hours per calendar year

• Sick time - up to 40 hours per calendar year; for employees who reside in the State of Washington – up to 56 hours per calendar year

• Holiday pay, including Floating Holidays – up to 13 days per calendar year of Work, Personal and Family Time - up to 40 hours per calendar year

• Additional information can be found through the link below. https://www.careers.jnj.com/employee-benefits

The compensation and benefits information set forth in this posting applies to candidates hired in the United States. Candidates hired outside the United States will be eligible for compensation and benefits in accordance with their local market.

Johnson & Johnson Family of Companies are equal opportunity employers, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, protected veteran status, disability status, or any other characteristic protected by law.

Primary Location NA-US-New Jersey-Raritan

Other Locations NA-United States

Organization Johnson & Johnson Services Inc. (6090)

Job Function Multi-Family Technology Enterprise Strategy & Security

Req ID: 2406202112W