Cybersecurity Lead MedTech R&D
Johnson & Johnson
17 days ago
Remote
United States
IT
Responsibilities:
- Act as business information security partner for MedTech R&D; provide early/proactive engagement and end-to-end security support for large programs.
- Provide tailored security guidance; interpret and apply IAPP requirements/standards.
- Drive cybersecurity adoption across R&D labs and Electrophysiology sites to secure IT/OT assets and enable safe innovation.
- Lead the cyber operational portfolio (identify β consult remediation plan β completion) with ISRM, business, and technology teams.
- Establish data analytics to report security posture across business units, functions, and sites.
- Support Security Operations Center (SOC) incident investigation; liaise with central investigation team.
- Ensure compliance with critical cybersecurity regulations (e.g., NIST, NIS2, Safe Data).
- Support global deployment of security initiatives (awareness sessions, alternatives to avoid disruption, review exceptions).
- Lead/manage security gap assessments and remediation; support integration for key acquisitions.
Qualifications:
- Bachelorβs degree in CS/IT/cybersecurity/business administration or rigorous related field (required).
- 5+ years in IT/OT/and/or engineering with security focus; hands-on implementation understanding of controls (access control, IDP/IDR, anti-malware, patching, encryption, forensics) (required).
- Direct/supported experience with Research & Development functions (required).
- Experience leading/performing security assessments and assurance across enterprise architecture layers (data, application, host, middleware, network, infrastructure).
- Strong knowledge of threats, mitigation, and security vendors/technologies.
- Cloud security experience (AWS/Azure/Salesforce) (required).
- Security standards experience (ISO27001, HiTrust, NIST, etc.) (required); CISM/CISSP/ISA-62443/CISA/CRISC preferred.
- Data visualization exposure (PowerBI, Tableau, etc.).
Other:
- Up to 10% travel may be required.
- This position is based in Raritan, NJ or Irvine, CA, or remotely in the US.
- Act as business information security partner for MedTech R&D; provide early/proactive engagement and end-to-end security support for large programs.
- Provide tailored security guidance; interpret and apply IAPP requirements/standards.
- Drive cybersecurity adoption across R&D labs and Electrophysiology sites to secure IT/OT assets and enable safe innovation.
- Lead the cyber operational portfolio (identify β consult remediation plan β completion) with ISRM, business, and technology teams.
- Establish data analytics to report security posture across business units, functions, and sites.
- Support Security Operations Center (SOC) incident investigation; liaise with central investigation team.
- Ensure compliance with critical cybersecurity regulations (e.g., NIST, NIS2, Safe Data).
- Support global deployment of security initiatives (awareness sessions, alternatives to avoid disruption, review exceptions).
- Lead/manage security gap assessments and remediation; support integration for key acquisitions.
Qualifications:
- Bachelorβs degree in CS/IT/cybersecurity/business administration or rigorous related field (required).
- 5+ years in IT/OT/and/or engineering with security focus; hands-on implementation understanding of controls (access control, IDP/IDR, anti-malware, patching, encryption, forensics) (required).
- Direct/supported experience with Research & Development functions (required).
- Experience leading/performing security assessments and assurance across enterprise architecture layers (data, application, host, middleware, network, infrastructure).
- Strong knowledge of threats, mitigation, and security vendors/technologies.
- Cloud security experience (AWS/Azure/Salesforce) (required).
- Security standards experience (ISO27001, HiTrust, NIST, etc.) (required); CISM/CISSP/ISA-62443/CISA/CRISC preferred.
- Data visualization exposure (PowerBI, Tableau, etc.).
Other:
- Up to 10% travel may be required.
- This position is based in Raritan, NJ or Irvine, CA, or remotely in the US.