Cybersecurity Lead MedTech R&D
Johnson & Johnson
17 days ago
Remote
United States
IT
Job Description
Cybersecurity Lead (Business Information Security partner for MedTech R&D). Based in Raritan, NJ or Irvine, CA, or remotely in the US.
Responsibilities
- Provide early/proactive engagement with project teams; end-to-end support for large programs.
- Provide tailored security guidance; interpret and apply IAPP requirements/standards.
- Drive cybersecurity adoption across R&D labs and Electrophysiology sites to secure IT/OT assets.
- Lead the cyber operational portfolio: identification β consulting remediation plan β completion (with ISRM, business, and technology teams).
- Establish data analytics to report security posture across business units, functions, and sites.
- Support SOC with security incident investigations; liaise with central investigation team.
- Ensure compliance with critical cybersecurity regulations (e.g., NIST, NIS2, Safe Data).
- Support global deployment of security initiatives (awareness sessions, alternative ways of working, review exception requests).
- Drive/manage security gap assessments and remediation; support R&D portfolio integration for key acquisitions.
Qualifications
- Bachelorβs degree in CS, IT, cybersecurity, business administration, or related rigorous discipline.
- 5+ years in IT/OT and/or engineering security, including hands-on implementation of access control, IDP/IDR, anti-malware, patch management, encryption, and forensics.
- Experience supporting Research & Development functions.
- Experience leading/perfoming security assessments and security assurance across enterprise architecture layers.
- Solid understanding of security threats, mitigations, and security vendors/technologies.
- Cloud security experience (AWS, Azure, Salesforce).
- Security standards experience (ISO27001, HiTrust, NIST, etc.); CISM/CISSP/ISA-62443, CISA, or CRISC preferred.
- Familiarity with security trends; data visualization tools (PowerBI, Tableau).
- Strong collaboration/influence and communication across global, cross-functional teams.
- Security audit leadership/influence preferred (SOC Type 2, PCI, ISO 27001).
Benefits
- Vacation: 120 hours/year
- Sick time: 40 hours/year (CO: 48; WA: 56)
- Holiday pay (Floating Holidays): 13 days/year
- Work/Personal/Family Time: up to 40 hours/year
- Parental leave: 480 hours
- Bereavement leave: 240 hours (immediate); 40 hours (extended)
- Caregiver leave: 80 hours (52-week rolling period)
- Volunteer leave: 32 hours/year
- Military spouse time-off: 80 hours/year
Application Instructions
- Up to 10% travel may be required.
Cybersecurity Lead (Business Information Security partner for MedTech R&D). Based in Raritan, NJ or Irvine, CA, or remotely in the US.
Responsibilities
- Provide early/proactive engagement with project teams; end-to-end support for large programs.
- Provide tailored security guidance; interpret and apply IAPP requirements/standards.
- Drive cybersecurity adoption across R&D labs and Electrophysiology sites to secure IT/OT assets.
- Lead the cyber operational portfolio: identification β consulting remediation plan β completion (with ISRM, business, and technology teams).
- Establish data analytics to report security posture across business units, functions, and sites.
- Support SOC with security incident investigations; liaise with central investigation team.
- Ensure compliance with critical cybersecurity regulations (e.g., NIST, NIS2, Safe Data).
- Support global deployment of security initiatives (awareness sessions, alternative ways of working, review exception requests).
- Drive/manage security gap assessments and remediation; support R&D portfolio integration for key acquisitions.
Qualifications
- Bachelorβs degree in CS, IT, cybersecurity, business administration, or related rigorous discipline.
- 5+ years in IT/OT and/or engineering security, including hands-on implementation of access control, IDP/IDR, anti-malware, patch management, encryption, and forensics.
- Experience supporting Research & Development functions.
- Experience leading/perfoming security assessments and security assurance across enterprise architecture layers.
- Solid understanding of security threats, mitigations, and security vendors/technologies.
- Cloud security experience (AWS, Azure, Salesforce).
- Security standards experience (ISO27001, HiTrust, NIST, etc.); CISM/CISSP/ISA-62443, CISA, or CRISC preferred.
- Familiarity with security trends; data visualization tools (PowerBI, Tableau).
- Strong collaboration/influence and communication across global, cross-functional teams.
- Security audit leadership/influence preferred (SOC Type 2, PCI, ISO 27001).
Benefits
- Vacation: 120 hours/year
- Sick time: 40 hours/year (CO: 48; WA: 56)
- Holiday pay (Floating Holidays): 13 days/year
- Work/Personal/Family Time: up to 40 hours/year
- Parental leave: 480 hours
- Bereavement leave: 240 hours (immediate); 40 hours (extended)
- Caregiver leave: 80 hours (52-week rolling period)
- Volunteer leave: 32 hours/year
- Military spouse time-off: 80 hours/year
Application Instructions
- Up to 10% travel may be required.