At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at https: //www.jnj.com

Job Function:

Technology Enterprise Strategy & Security

Job Sub Function:

Security & Controls

Job Category:

People Leader

All Job Posting Locations:

Raritan, New Jersey, United States of America

Job Description:

Job Description

Johnson & Johnson is recruiting for a Senior Manager, Cybersecurity Policy to join the Information Security & Risk Management (ISRM) team. This role is based in Raritan, New Jersey.

As an integral member of the ISRM Cybersecurity Policy, Governance & Compliance team, you will own the enterprise cybersecurity policies and standards which mandate the cyber controls and requirements across all Johnson & Johnson. In this role, you will work with multiple senior security team members as well as senior Information Technology leaders.

Key Responsibilities:

• Lead the development and maintenance of cybersecurity policies and standards for the enterprise, collaborating with various technical and executive stakeholders.
• Establish and manage the governance framework for the full policy lifecycle (creation, approval, communication, monitoring, and retirement).
• Communicate cybersecurity policy and standard updates through various channels and audiences, including senior leaders.
• Partner with business units and technology teams to ensure policies are understood, adopted, and enforced.
• Provide consulting support to the larger cybersecurity team on the cybersecurity policies and standards.
• Lead the development and maintenance of standard cybersecurity exhibits and requirements for inclusion in contracts and agreements.
• Collaborate with Legal, Procurement, and Risk Management teams to ensure contractual security obligations align with company policies and risk posture.
• Support various enterprise governance initiatives, providing cybersecurity input and subject matter expertise.
• Lead and develop the policy and contracts team, ensuring ongoing learning and support special projects as needed.

Qualifications

Education:

• A bachelor’s degree is required. Prefered degree areas include Computer Science, Engineering or Information Security/Cybersecurity or equivalent.
• An advanced degree is preferred.
• Security certifications such as CGEIT, CRISC, CISSP, CISM, etc. are preferred.

Experience and Skills:

Required:

• 8+ years of Information Security/IT risk assessment/management experience with growing responsibilities.
• 5+ years of direct people management experience.
• 5+ years of direct information security/cybersecurity policy experience
• Working knowledge of cybersecurity frameworks (e.g., NIST CSF, NIST 800-53, ISO 27001, etc.).
• Proficiency in defining cybersecurity contractual language and requirements
• Ability to analyze and gauge business impact for policy/requirement changes.
• Strong analytical and problem-solving skills.
• Strong interpersonal skills to build and maintain relationships with both technical and business partners and effectively communicate with senior leaders.

Preferred:

• Knowledge of and multi-national and healthcare specific cyber laws and regulations (e.g., HIPAA).
• Experience managing cybersecurity policies in a large, dynamic, multinational organization.
• Experience in identifying key security risks, security controls, and providing consulting services to internal stakeholders.
• Demonstrable record of effectively collaborating with virtual, global teams.

Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.

Johnson and Johnson is committed to providing an interview process that is inclusive of our applicants’ needs. If you are an individual with a disability and would like to request an accommodation, please email the Employee Health Support Center (ra-employeehealthsup@its.jnj.com) or contact AskGS to be directed to your accommodation resource.

#JNJTech

#Hybrid

The anticipated base pay range for this position is:

$118, 000 to $203, 550

Additional Description for Pay Transparency:

The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation’s performance over a calendar/performance year. Bonuses are awarded at the Company’s discretion on an individual basis. • Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance. • Employees may be eligible to participate in the Company’s consolidated retirement plan (pension) and savings plan (401(k)). • Employees are eligible for the following time off benefits: • Vacation – up to 120 hours per calendar year • Sick time - up to 40 hours per calendar year; for employees who reside in the State of Washington – up to 56 hours per calendar year • Holiday pay, including Floating Holidays – up to 13 days per calendar year of Work, Personal and Family Time - up to 40 hours per calendar year Additional information can be found through the link below. https: //www.careers.jnj.com/employee-benefits